POWERFUL SOFTWARE. FIGHTING HIGH CONSEQUENCE CYBER CRIME. KEY SOLUTION HIGHLIGHTS

Transcription:

ADVANCED CYBER THREAT ANALYTICS
POWERFUL SOFTWARE. FIGHTING HIGH CONSEQUENCE CYBER CRIME.

Wynyard Advanced Cyber Threat Analytics (ACTA) is a Pro-active Cyber Forensics solution that helps protect organisations where a cyber security compromise could have a high consequence impact. ACTA helps organisations to discover disguised and hidden threat indicators, unknown unknowns, early on in existing big data network logs and supports informed cyber responses before these threats become dangerous knowns and unsolvable problems.

WHO IS ACTA FOR?
ACTA has been developed in association with global Fortune 500 companies. It is a market leading product for organisations where a cyber-security compromise could have a significant or catastrophic economic, operational or reputation impact. It can be deployed across all industries with cyber security concerns as follows:
Organisations with an existing cyber security team.
Organisations who provide outsourced cyber security and cyber intelligence operations services.

ACTA HELPS YOUR ORGANISATION TO:
Discover serious threats hidden in the masses of data already being collected but not analysed within an organisation's network logs.
Identify unknown unknowns before they become dangerous knowns and unsolvable problems.
Reduce operational, financial and reputational risk.
Reduce regulatory exposure and risk of penalties through continuous monitoring.

KEY SOLUTION HIGHLIGHTS
The combined power of pro-active anomaly detection and visual forensics provides a capability that far exceeds competing cyber security tools. ACTA works as the last line of defense, continuously monitoring within the network and using anomaly detection.
Anomaly discovery & detection: Discover the hidden threats that you did not know existed on your network with anomaly detection using unsupervised machine learning models from Wynyard's Crime Science Research Institute.
Threat generation: ACTA finds and prioritises the highest priority threats for investigation. This significantly reduces the massive security alert volumes that analysts are forced to work through on a daily basis.
Advanced analysis visualisations: Advanced analysis provides security analysts with the ability to forensically examine and visually explore the data, discovering the origination and extent of attacks across the network, before preparing a response.
Analytics platform: The scalable and highly available analytics platform is proven to ingest and process gigantic data volumes (petabyte scale). It also provides the ability to run multiple advanced analytics models against the data without compromising on performance.

USE CASES
Trusted by Boards to reveal potentially unmitigated catastrophic and high risk events.
Leveraged by CISOs to discover unknown compromises on the network, understand threats and respond.
Used by CROs to ensure compliance with emerging regulations.
Used by security analysts to discover the root cause of threats, identify origination points and respond.
Implemented by SOC operators to protect their client's networks.

KEY SOLUTION BENEFITS
Better protection by monitoring activity inside the network, not just the perimeter.
Lower cost by using existing network log data already paid to be collated and stored.
Discovery of unknown network anomalies using advanced machine learning techniques.
Reduced noise for security analysts by discovering the highest priority threats and not drowning analysts in ever increasing alerts.
Improved ability for analysts to investigate with advanced visualisations and threat exploration for quick discovery and compromise insight.
A better understanding of network compromise.
Better compliance by continuously monitoring the network and surfacing compromise.
Part of a layered approach to security by acting as the last line of defense and surfacing anomalous activity early in the threat timeline.

HOW IS ACTA DIFFERENT?
Wynyard ACTA provides pro-active cyber forensics that can be deployed rapidly, and is non-intrusive, at a low cost:
Pro-active: discovers hidden threats using anomaly detection in your existing network logs. It surfaces threats no one knew about.
Forensics: visually explore the highest priority threats and how they may be mitigated. It focusses the investigation.
Non-intrusive: use the existing network log data that you have already paid to have collated and stored.
Rapid deployment: rapid deployment with out-of-the-box data adaptors and fully configured off-the-shelf solution.
Low cost: use of existing data, rapid deployment times and a complete solution with no extra hidden software license costs all lead to lower-cost deployments and a low TCO.

HOW DOES ACTA WORK?
1. ACTA ingests DNS, Proxy, NetFlow, Remote Network Access, Active Directory, and DHCP logs.
2. ACTA rapidly processes this data at scale through the data analytics platform.
3. Using proven anomaly detection, ACTA reveals anomalies that lie hidden on the network.
4. The most suspicious anomalies are highlighted as priority-ranked threats.
5. These threats are contextualised with an appropriate subset of event data.
6. The threats, alerts and context are surfaced within ACTA analysis.
7. Visual user-based analysis, query, and data exploration tools allow users to rapidly respond to threats.

[Diagram labels: Client network & data; corporate network servers; DNS, proxy, AD, remote network access, NetFlow, DHCP; collated log store; Wynyard Advanced Cyber Threat Analytics; high performance database; analytics engine; advanced analytics; threat output; alerts & context.]
ACTA: Preventing high consequence cyber crime using Pro-active Cyber Forensics

ADVANCED CRIME ANALYTICS
OPEN SOURCE INTELLIGENCE SOLUTION

Wynyard Advanced Crime Analytics (ACA) Open Source Intelligence (OSINT) solution is a pre-configured model within ACA, ingesting near real-time OSINT data feeds to extract and analyse open source information. The internet has become the platform of choice for communication, interaction, and facilitation of large organised crime groups. In order to disrupt these networks, Wynyard's ACA OSINT tracks social media interactions and blends these with other intelligence feeds to research, analyse and track specified targets.

Wynyard Advanced Crime Analytics is a powerful platform for intelligence collection, processing, assessment and dissemination. Through the ACA platform, OSINT deploys advanced algorithms, machine learning and context intuitive workflows to help discover and present entities of interest, relationships, patterns and anomalies.

"The web is a terrorist's command-and-control network of choice."
Robert Hannigan, Director GCHQ, FT Online, November 3, 2014

ACA OSINT HELPS:
Government agencies stay one step ahead of international organised crime groups
Utilise specialist resource more effectively to combat crime
Quickly target funders, harbourers & supporters of organised crime
Rapidly identify the most actionable intelligence from the noise of large data sets
Fuse multiple sets of structured & unstructured Open Source intelligence

KEY SOLUTION HIGHLIGHTS
Rapidly search and discover: Aggregate open source information in near real-time from multiple platforms based on key word searches or geo-coded ring-fencing to present data for targeted analysis.
Customisation: Use in-built specialist lists such as countries, terrorist organisations of interest, weapons or types of attacks, to assist with effective text mining and entity extraction.
Connect multiple data sources: Create a full picture of an individual's online activity by connecting their various personas across multiple social media platforms over time.
Visualise complex data: Intuitively visualise interactions and connections between entities and networks to discover actionable intelligence.
Raise the bar on operational effectiveness: Access via a selected secure hosting environment removing the need for the provision of any in-house infrastructure or installation.

KEY SOLUTION BENEFITS
Entity extraction: Automatically extract and classify types of entities such as on-line personas (e.g. Facebook Users, Blog Authors, Forum Names, Twitter Users, etc), Content Entities (tweets, messages, hashtags, Facebook messages, blog and forum posts) and Web Links.
Geographical display: Visualise online interactions on maps to locate areas of interest and trail movements of users based on geo-tags from the data associated with them.
Timeline analysis: Quickly visualise peaks in social media activity to identify time periods of interest or use previously identified dates and times to analyse online interactions around particular events.
Visualise complex data: View and explore networks of relationships between entities of any type within the data extracts and apply pre-set filters or querying criteria to help focus in on areas of interest.
Pathfinder queries and ad-hoc queries: Rapidly discover connections and links across a set of seemingly unrelated entities with pathfinder queries. Similarly, ad-hoc queries can be created and run to uncover connections or follow a specific line of enquiry.
Sophisticated search: Search for entities or interactions within the data with a full-featured text search engine utilising Boolean entities, and fuzzy and distance matching.

Advanced Crime Analytics Open Source Intelligence rapidly identifies actionable intelligence
[Diagram labels: Data sources; social networks; third party aggregator; extract, transform, load; Wynyard ACA; advanced analytics; text analytics / entity extraction; geospatial analysis; timeline analysis; anomaly detection; rules engine; query & search capabilities; pathfinder queries; analyst tools. User interface allows investigators to develop, evaluate and work leads.]

ABOUT WYNYARD GROUP
Wynyard Group is a market leader in serious crime fighting software used by customers in government, financial services and infrastructure critical to a nation. Wynyard's powerful advanced crime analytics and investigations case management products help customers solve and prevent serious organised and trans-national crime, financial crime and threats from new generation extremism and high consequence cyber crime. Wynyard solutions combine next generation big data capability with specialist investigations and intelligence tradecraft in a powerful and secure software platform. Wynyard partners with major systems integrators and some of the world's leading software companies and has operations in the United States, United Kingdom, Canada, Middle East, Australia and New Zealand. For more information visit www.wynyardgroup.com

POWERFUL SOFTWARE. FIGHTING SERIOUS CRIME.

ADVANCED CRIME ANALYTICS
FOREIGN FIGHTER SOLUTION

Wynyard's Foreign Fighter solution is a securely hosted, pre-configured model within Wynyard Advanced Crime Analytics used to extract and analyse open source information. The internet has become the platform of choice for communication, interaction, and facilitation of large organised crime groups involved in fundamentalist activity. In order to disrupt these networks, Wynyard Foreign Fighter tracks social media interactions and blends these with other intelligence feeds to research, analyse and track specified targets, at risk or involved in fundamentalist conflict or radicalisation.

Wynyard Advanced Crime Analytics (ACA) is a powerful platform for intelligence collection, processing, assessment and dissemination. Through the ACA platform, Wynyard Foreign Fighter deploys advanced algorithms, machine learning and context intuitive workflows to help discover and present entities of interest, relationships, patterns and anomalies.

"The web is a terrorist's command-and-control network of choice."
Robert Hannigan, Director GCHQ, FT Online, November 3, 2014

FOREIGN FIGHTER HELPS:
Government agencies stay one step ahead of international organised crime groups
Utilise specialist resource more effectively to combat crime
Quickly target funders, harbourers & supporters of organised crime
Rapidly identify the most actionable intelligence from the noise of large data sets
Fuse multiple sets of structured & unstructured Open Source intelligence

KEY SOLUTION HIGHLIGHTS
Rapidly search and discover: Aggregate open source information in near real-time from multiple platforms based on key word searches or geo-coded ring-fencing to present data for targeted analysis.
Customisation: Use in-built specialist lists such as countries, terrorist organisations of interest, weapons or types of attacks, to assist with effective text mining and entity extraction.
Connect multiple data sources: Create a full picture of an individual's online activity by connecting their various personas across multiple social media platforms over time.
Visualise complex data: Intuitively visualise interactions and connections between entities and networks to discover actionable intelligence.
Raise the bar on operational effectiveness: Access via a selected secure hosting environment removing the need for the provision of any in-house infrastructure or installation.

Foreign Fighter is designed to disrupt networks involved in fundamentalist activity.
[Diagram labels: The internet; people network; weapons trade; drugs trade; child abusers; terrorists; hackers; gangs.]

KEY SOLUTION BENEFITS
Entity extraction: Automatically extract and classify types of entities such as on-line personas (e.g. Facebook Users, Blog Authors, Forum Names, Twitter Users, etc), Content Entities (tweets, messages, hashtags, Facebook messages, blog and forum posts) and Web Links.
Geographical display: Visualise online interactions on maps to locate areas of interest and trail movements of users based on geo-tags from the data associated with them.
Timeline analysis: Quickly visualise peaks in social media activity to identify time periods of interest or use previously identified dates and times to analyse online interactions around particular events.
Visualise complex data: View and explore networks of relationships between entities of any type within the data extracts and apply pre-set filters or querying criteria to help focus in on areas of interest.
Pathfinder queries and ad-hoc queries: Rapidly discover connections and links across a set of seemingly unrelated entities with pathfinder queries. Similarly, ad-hoc queries can be created and run to uncover connections or follow a specific line of enquiry.
Sophisticated search: Search for entities or interactions within the data with a full-featured text search engine utilising Boolean entities, and fuzzy and distance matching.

Wynyard's Foreign Fighter solution rapidly identifies actionable intelligence.
[Diagram labels: Data sources; social networks; Wynyard ACA; advanced analytics; text analytics / entity extraction; geospatial analysis; timeline analysis; anomaly detection; rules engine; query & search capabilities; pathfinder queries; analyst tools. User interface allows investigators to develop, evaluate and work leads.]

INVESTIGATIVE CASE MANAGEMENT

Wynyard's Investigative Case Management software is a comprehensive, highly configurable, secure, web-based solution for investigations and case management. Our integrated solution can be used for all investigation and case management requirements without the resource overheads of existing systems. It can easily be deployed at departmental, agency or multi-agency level. It is rich in features and underpinned by robust security and auditing capabilities.

ICM HELPS:
Enable more effective and efficient case management
Integrate case management data with wider intelligence holdings
Provide a complete view of the case
Standardise organisational investigation and case management processes
Enhance analysis and provide access to real time data

KEY SOLUTION HIGHLIGHTS
ICM is an integrated environment that can manage case and intelligence information. Objects are collectively referred to as entities, all of which can be user defined. Source entities, intelligence records, and information are contained within the same database.
Configuration of Wynyard Investigative Case Management is straightforward and can be done without the need for specialist resources, removing extra time, effort and costs involved with change requests. The implementation is simple and can be performed quickly.
ICM is used by over 40 agencies world-wide including National Police Forces, Financial Institutions and Justice Agencies.

[Screenshots: Investigating a case; Intuitive visualisation]

KEY SOLUTION BENEFITS
Highly configurable: ICM can easily be aligned to organisational business processes including configuration of incident reports, cases, case notes, tasks and task results. This can be configured in-house, reducing time and cost.
User security: Security features include a robust, detailed security model, which is role-based and has a full audit capability.
Multiple languages: ICM provides translation capabilities which can be used to change static application text to a foreign equivalent, or to localise. ICM uses Unicode, allowing input in any language.
Remote access and case replication: Case replication is designed to allow users to access and input case data remotely.
Client defined review process: Source entities, including case notes, tasks and task results, can be subject to a review process before they are confirmed as a valid component of a case.
Client defined, Word template reports: The case reporting capability allows the user to define which entities, data ranges and attributes are required. This can be done in Microsoft Word format.
Connect Intelligence and Investigations data: Combine case data with wider intelligence holdings by importing and exporting data into Wynyard Advanced Crime Analytics for more in-depth analysis.
Alerting: It is possible to configure a number of alerts and triggers based on field / attribute changes, security / permission updates, and covert or overt watches.

Wynyard's Investigative Case Management software is designed to manage complex investigations.
[Diagram labels: Employee interviews; banking records; open source intelligence; CCTV; employee records; emails; incident file opened; investigations case management; report; authorities notified; subsidiary companies; Advanced Crime Analytics; other departments; other incidents.]