Security Monitoring and Analytics for Oracle IaaS, PaaS, and SaaS
- Lester Holmes
- 5 years ago
Transcription
1 Security Monitoring and Analytics for Oracle IaaS, PaaS, and SaaS. Ansh Patnaik, VP, Product Management, Oracle; Ben Nelson, VP, Cloud Security, Oracle; Akshai Duggal, Director, Product Management, Oracle. Copyright 2017, Oracle and/or its affiliates. All rights reserved. Oracle Internal/Restricted/Highly Restricted
2 Safe Harbor Statement: The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle.
3 Program Agenda: Cloud Security Considerations; Security Monitoring & Analytics Cloud Service: Overview; Security Monitoring & Analytics Cloud Service: Service Architecture; Q&A
4 Cloud Security Logging, Analysis and Response. Ben Nelson, Vice President, Oracle Cloud Security Operations
5 and Response 3 Fundamentals: Logging Coverage and Inventory; Log Analysis; Response
6 Log Coverage and Inventory: You can't analyze what you don't have; You can't collect what you don't know about; Inventory can be hard for many organizations; Collection should be easy: Native OS capabilities, Agents
7 Log Analysis: Time to evolve. Signature-Based: Hundreds of good tools on market; 20+ yr old technology; Only as good as your vendor and your security analysts. Smart Analysis: Machine learning; Anomaly; Threat intelligence enrichment analysis
8 Response: Now what?! We have good log coverage; We have good analysis and; Alerts to humans are good; Response from machines is better! Automated response is the next step in cybersecurity; Humans can't react or respond quickly enough to known issues with known remediations
9 The Sliding Scale of Cloud Security Responsibility (diagram): More Responsibility, Less Responsibility; SaaS, PaaS, IaaS
10 Security Monitoring and Analytics Cloud Service
11 Security Monitoring and Analytics Focus. Shrinking Visibility: Cloud, BYOD reduce perimeter security efficacy; DevOps change rates; Shrinking window to catch vulnerable config. Growing Gap: Zero day attacks require anomaly; Low & slow, threats require sequence awareness; Targeted attacks require awareness. Falling Efficiency: More assets, more security tools, more alerts; Staffing shortages impact on SOC metrics
12 Current Approach: Fragmented and Intensive. UEBA (User and Entity Behavior Analytics): User context, Anomaly. SIEM (Security Information and Event Management): Security context, Rules based. Log Management: Raw logs, Forensic search, IT ops. X challenges; X Integration, UIs, data models, support; X Scale and delivery model differences; X High viability and M&A risk; X Point app specific state checks. Configuration Management: Secure state, configuration auditing
13 Security Monitoring and Analytics Cloud Service. Protect enterprise wide assets from known and zero-day threats: Security monitoring visibility across heterogeneous on-premise and cloud assets; Efficient SOC monitoring with OOTB content for modern threats (rules, anomalies etc.); threat intelligence context (URL/IP &. Detect threats early using machine learning driven analytics and visualization: Data access (SQL based) anomalies at the user, group, database and level; Nuanced anomalies through baselines (ex: user logins host etc.); User session awareness and attack chain (ex: account hijacking). Harness OMC platform and cross-service context for richer security monitoring: attacks (APT lateral movement) through OMC platform topology awareness; drift context in security monitoring; SOC (account lockouts, port or other change) with OMC
14 Oracle Management Cloud Manageability (diagram). Tiers: END USER EXPERIENCE, APPLICATION, MIDDLE TIER, DATA TIER, VIRTUALIZATION TIER, INFRASTRUCTURE TIER (VM, CONTAINER). Real Users, Synthetic Users, App metrics, Transactions, Server metrics, Diagnostics, Logs, Host metrics, VM metrics, Container metrics, CMDB, Tickets, Alerts. Unified Platform. INCREASED EFFICIENCY, FEWER OUTAGES, GREATER AGILITY
15 Oracle Management Cloud Security (diagram). Tiers: END USER EXPERIENCE, APPLICATION, MIDDLE TIER, DATA TIER, VIRTUALIZATION TIER, INFRASTRUCTURE TIER (VM, CONTAINER). Real Users, Synthetic Users, App metrics, Transactions, Server metrics, Diagnostics, Logs, Host metrics, VM metrics, Container metrics, CMDB, Tickets, Alerts, Security Events, Configuration data, Identity context, Threat intelligence. Unified Platform. INCREASED EFFICIENCY, FEWER OUTAGES, GREATER AGILITY, BETTER SECURITY
16 Oracle SOC Framework (diagram): SOC Dashboard; Security Monitoring & Analytics Cloud Service; CONTENT SECURITY, USER SECURITY, CONFIGURATION, FORENSICS; CASB Cloud Service, Cloud Service, & Compliance Cloud Service, Log Cloud Service; DATA, TELEMETRY, ANALYTICS AND SECURITY POSTURE; data and user threat intelligence, and compliance; Automated Response &
17 Security Monitoring and Analytics Data Flow (diagram): COLLECT, ANALYZE, INVESTIGATE, RESPOND. ANY ACTIVITY: Logs, metrics, config (On-premise, cloud). ANY CONTEXT: Assets, Users, Threats. ANALYTICS: Rules, Machine Learning. FORMATS: Dashboards, Reports, Search. DIMENSIONS: Users, Assets, Threats. TRIAGE. SOC Analyst, Admin; SOC Manager; Incident Response; Auditors; CSO, CIO
18 Data: Heterogeneous data sources (formats, stacks,; Extensive data enrichment asset, threats); Hybrid assessment results. IaaS, PaaS, SaaS; Cloud; Compliance; Point Security; Infrastructure; Host; Networking. Fusion apps, 3rd party applications, Custom applications; Directory services, Middleware, Database, Hypervisor; Windows, Linux, Unix; DHCP, DNS, Load balancer, Flow, Router, Switch; Firewall, Proxy, VPN, IDS/IPS, AV, DLP, VA scanners, CASB, TIF
19 Using Standard Event Format (SEF) event taxonomy for all log data types; Auto-mapping for supported sources and extensibility with custom parser; Faster onboarding, reduced training for SOC analysts. Mapping and Normalized Format: source fields IDCS Login, LDAP UserPrincipalName, Active Directory User logon name; normalized field Account Name
20 Natural language, device and vendor independent analysis; OOTB and extensibility with custom parser; Faster onboarding, reduced training for SOC staff. Sample 1: Subject: Security ID: S Account Name: <account name> Account Domain: <domain> Logon ID: 0x0 Logon Type: <type> Account For Which Logon Failed: Security ID: S Account Name: <account name> Account Domain: <domain> Failure Information: Failure Reason: Unknown user name Status: 0xc000006d Sub Status: 0xc Process Information: Caller Process ID: 0x0 Caller Process Name: Sample 2: :44: :00 Login using Standard Security with User='dahjkfd' :44: :00 Incorrect login/password :44: :00 MsiSessionManager::LoginStandardUser(User Name=dahjkfd, MachineName=Server Machine: Client Machine: ): Authentication failed: hr = %3. Sample 3: Jul 7 10:55:56 srbarriga sshd(pam_unix)[16660]: authentication failure; logname= uid=0 euid=0 tty=NODEVssh ruser= rhost= user=root. Normalized as Device Type / Event Category / Event Outcome: Host.windows / Authentication.login / Failure; Host.linux / Authentication.login / Failure; Application.BI / Authentication.login / Failure
21 Analysis: Session Awareness. Composite awareness; Rich user data model and adapters for data sources enable 360 degree user monitoring across all; Security logs are enriched with user context to; Logs with explicit context like VPN and IDM are used to sessionize and attribute to other logs that lack user context
22 Analysis: Context Awareness. Context: Users, Assets, Threats. Users: Is this a privileged user? Is this user on a watch list? (privileged, terminated, suspicious) Has this user (across identities) taken other anomalous actions? Assets: What is the business role, regulatory classification of a targeted asset? Is the to other recent suspicious or anomalous activity? What vulnerabilities is a server exposed to / not patched for? Threats: How reputable is a URL being accessed by an end user? Is the anomalous communication with a known malicious IP address? What category of sites poses the most risk given user browsing behavior?
23 Analysis: Flexible Engine. Insider Threat: Brute force attack. Rule: X failed logins + successful login within 1 min. Context: Asset criticality = High. Compliance: Account misuse (SOX). Rule: User account created & deleted within 24 hours. Context: Asset role = Production; User Group = Accounting. External Threat: Hijacked account. Rule: Simultaneous user login from multiple locations. Context: Login IP address on Latest Malicious IP watchlist. Rules Engine Primitives: Aggregation; Windowing; Context lookups; Escalation (watchlists); Sequence; Presence/Absence
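The first two rules on this slide can be expressed with the listed primitives (aggregation, windowing, sequence, context lookup). The Python below is an added example, not Oracle's code or rule syntax; the event field names, the category strings `Account.create`/`Account.delete`, the threshold X = 3 and both context tables are assumptions, and the events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOGIN = "Authentication.login"
FIELDS = ("time", "device", "category", "outcome", "account", "host")

# Constructed sample events, already normalized (hypothetical field layout).
RAW = [
    # 3 failures then a success inside one minute on a critical host: alert.
    ("2017-10-03T09:00:05", "Host.linux", LOGIN, "Failure", "root", "db01"),
    ("2017-10-03T09:00:15", "Host.linux", LOGIN, "Failure", "root", "db01"),
    ("2017-10-03T09:00:25", "Host.linux", LOGIN, "Failure", "root", "db01"),
    ("2017-10-03T09:00:40", "Host.linux", LOGIN, "Success", "root", "db01"),
    # Same pattern on a low-criticality asset: dropped by the context lookup.
    ("2017-10-03T09:10:00", "Host.windows", LOGIN, "Failure", "alice", "kiosk7"),
    ("2017-10-03T09:10:05", "Host.windows", LOGIN, "Failure", "alice", "kiosk7"),
    ("2017-10-03T09:10:10", "Host.windows", LOGIN, "Failure", "alice", "kiosk7"),
    ("2017-10-03T09:10:20", "Host.windows", LOGIN, "Success", "alice", "kiosk7"),
    # Failures spread over several minutes: dropped by the window.
    ("2017-10-03T10:00:00", "Host.linux", LOGIN, "Failure", "bob", "db01"),
    ("2017-10-03T10:02:00", "Host.linux", LOGIN, "Failure", "bob", "db01"),
    ("2017-10-03T10:04:00", "Host.linux", LOGIN, "Failure", "bob", "db01"),
    ("2017-10-03T10:04:30", "Host.linux", LOGIN, "Success", "bob", "db01"),
    # Account lifecycle: one short-lived account, one that lived two days.
    ("2017-10-01T08:00:00", "Application.BI", "Account.create", "Success", "contractor", "erp01"),
    ("2017-10-03T08:00:00", "Application.BI", "Account.delete", "Success", "contractor", "erp01"),
    ("2017-10-03T11:00:00", "Application.BI", "Account.create", "Success", "tmp_ap", "erp01"),
    ("2017-10-03T18:30:00", "Application.BI", "Account.delete", "Success", "tmp_ap", "erp01"),
]

# Constructed context tables (asset inventory attributes).
ASSET_CRITICALITY = {"db01": "High", "erp01": "High", "kiosk7": "Low"}
ASSET_ROLE = {"db01": "Production", "erp01": "Production", "kiosk7": "Test"}


def load(raw):
    """Turn tuples into dicts with parsed timestamps, ordered by time."""
    events = [dict(zip(FIELDS, row)) for row in raw]
    for ev in events:
        ev["time"] = datetime.fromisoformat(ev["time"])
    return sorted(events, key=lambda e: e["time"])


def brute_force_then_success(events, threshold, window, criticality):
    """At least `threshold` failed logins and then a success, all inside
    `window`, for one (account, host) pair on a High-criticality asset."""
    failures = defaultdict(deque)  # (account, host) -> failure timestamps
    alerts = []
    for ev in events:
        if ev["category"] != LOGIN:
            continue
        q = failures[(ev["account"], ev["host"])]
        # Windowing: forget failures older than the window.
        while q and ev["time"] - q[0] > window:
            q.popleft()
        if ev["outcome"] == "Failure":
            q.append(ev["time"])  # aggregation
        elif ev["outcome"] == "Success":
            # Sequence (failures before success) plus context lookup.
            if len(q) >= threshold and criticality.get(ev["host"]) == "High":
                alerts.append({"account": ev["account"], "host": ev["host"],
                               "failures": len(q), "time": ev["time"]})
            q.clear()
    return alerts


def created_then_deleted(events, window, asset_role):
    """Account created and deleted within `window` on a Production asset.
    The slide's User Group condition is left out of this example."""
    created, alerts = {}, []
    for ev in events:
        key = (ev["account"], ev["host"])
        if ev["category"] == "Account.create":
            created[key] = ev["time"]
        elif ev["category"] == "Account.delete" and key in created:
            lifetime = ev["time"] - created.pop(key)
            if lifetime <= window and asset_role.get(ev["host"]) == "Production":
                alerts.append((ev["account"], ev["host"], lifetime))
    return alerts


if __name__ == "__main__":
    evs = load(RAW)
    print(brute_force_then_success(evs, 3, timedelta(minutes=1), ASSET_CRITICALITY))
    print(created_then_deleted(evs, timedelta(hours=24), ASSET_ROLE))
```

Keying the failure queue on (account, host) means failures spread across many hosts for one account are not aggregated; keying on account alone would cover that case at the cost of more alerts.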
24 Analysis: Machine Learning Based Anomaly. Multi-dimensional Anomaly Detection: Baseline behavior for members AND peer groups (network access); Across dimensions (time of access, login location, login host); Diane G. is exhibiting anomalous access behavior relative to her peers. Data Access Anomaly Detection: Baseline SQL queries executed; By a user/group, DB/DB group, or host/application; Queries being run against the finance database are anomalous. Dynamic Peer Group Identification: Cluster users based on common behavioral patterns; Identifies peer groups across organizational boundaries; Alice is in Finance, but her behavior matches a peer group that mostly consists of SysAdmins
25 Security Monitoring and Analytics Service Architecture
26 Security Monitoring and Analytics leverages Oracle Management Cloud (OMC) Platform. Topology awareness: Lateral movement within attack within; Execute assessment; Change user privileges. Cross service visibility: assessment results; metrics (CPU, memory etc.). Modern service platform benefits: Scale, Availability, Security
27 Security Monitoring and Analytics Cloud Service (diagram): Infrastructure Monitoring; Application Performance Monitoring; Orchestration; Log Analytics; Security Monitoring & Analytics; Compliance. Monitor Asset Anywhere: Traditional On Premises, Private Cloud
28 OMC Client Deployment Architecture (diagram): Secops Users Accessing Cloud Portal; Exadata Servers; Windows Servers & Linux VMs; Pool of Gateways; HTTPS; Corporate proxy server; OMC Cloud Agent on Oracle Cloud Servers; Internet; Servers (includes SaaS, PaaS, IaaS, Infra Servers, Internal and External Compute, Syslog, Cloud security); Infrastructure Monitoring, Application Performance Monitoring, Security Monitoring & Analytics, Orchestration, Compliance, Log Analytics; DC1 /Service firewall, Oracle Cloud Data Center DC1; DC2 /Service firewall, Oracle Cloud Data Center DC2; Gateway; Cloud Agent
29 Conclusion: Security Monitoring & Analytics Cloud Service. Unified security monitoring (SIEM + UEBA). Protect Against Known and Unknown Threats: Universal threat visibility; SOC-ready content; External threat feeds. Advanced Threat Analytics and Visualization: Unauthorized data access detection; Multi-dimensional behavioral anomaly detection; Session awareness and attack chain visualization. Next-Generation Security Solution: Topology awareness; Configuration change awareness; Auto-remediation
30 Learn More: Security Monitoring and Analytics. Demo Grounds; Security Monitoring and Analytics for Hybrid Cloud Environments with Oracle Management Cloud; Continuous Compliance Management of Hybrid Cloud Environments with Oracle Management Cloud; HOL Security and Compliance for Hybrid Clouds with Oracle Management Cloud, HOL7821, Tue Oct 3 and Wed Oct 4, 9:45 a.m. - 10:45 a.m., Hilton San Francisco Union Square (Ballroom Level) - Continental Ballroom 7
31 Sign Up for Free Trial: https://cloud.oracle.com/tryit
32 Learn More About Oracle Security: Oracle.com/Security /OracleSecurity
More informationThe Why, What, and How of Cisco Tetration
The Why, What, and How of Cisco Tetration Why Cisco Tetration? With the above trends as a backdrop, Cisco has seen specific changes within the multicloud data center. Infrastructure is changing. It is
More informationEXTENDING BEHAVIORAL INSIGHTS INTO RISK-ADAPTIVE PROTECTION & ENFORCEMENT
SESSION ID: SPO1-T10 EXTENDING BEHAVIORAL INSIGHTS INTO RISK-ADAPTIVE PROTECTION & ENFORCEMENT Guy Filippelli Vice President of User and Data Security Solutions Forcepoint Meerah Rajavel Chief Information
More informationStay Informed During and AEer OpenWorld
Stay Informed During and AEer OpenWorld TwiIer: @OracleBigData, @OracleExadata, @Infrastructure Follow #CloudReady LinkedIn: Oracle IT Infrastructure Oracle Showcase Page Oracle Big Data Oracle Showcase
More informationAssessing Medical Device. Cyber Risks in a Healthcare. Environment
Assessing Medical Device Medical Devices Security Cyber Risks in a Healthcare Phil Englert Director Technology Operations Environment Catholic Health Ini
More informationForeScout Extended Module for Carbon Black
ForeScout Extended Module for Carbon Black Version 1.0 Table of Contents About the Carbon Black Integration... 4 Advanced Threat Detection with the IOC Scanner Plugin... 4 Use Cases... 5 Carbon Black Agent
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform
More informationMAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER
MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric
More informationRegaining Our Lost Visibility
18 QUALYS SECURITY CONFERENCE 2018 Regaining Our Lost Visibility Sumedh Thakar Chief Product Officer, Qualys, Inc. Agenda Why are we doing what we are doing? The State of IT Now Security Today The Future
More informationRisk- based Security Analytics for Effective APT Defense
Copyright 2012 Splunk Inc. Risk- based Security Analytics for Effective APT Defense Paul Pang Chief Security Strategist, APAC & Japan Security Analytics Methodology! Correlation(Patterns between different
More informationMigrating Oracle E Business Suite to Oracle's IaaS: Best Practices
Migrating Oracle E Business Suite to Oracle's IaaS: Best Practices Satyendra Pasalapudi Director Cloud Services Apps Associates APAC OTN TOUR 2016 Sydney October 31 st 2016 Copyright 2016. Apps Associates
More informationCloud Adop)on, Risks & Security & GDPR An Ac)on Guide
April 2016 Cloud Adop)on, Risks & Security & GDPR An Ac)on Guide Nigel Hawthorn, Skyhigh Networks Cloud Adop)on and Risk Agenda Skyhigh Networks An Introduc)on European Cloud Adop)on and Risk Report Q1
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationSobering statistics. The frequency and sophistication of cybersecurity attacks are getting worse.
Sobering statistics The frequency and sophistication of cybersecurity attacks are getting worse. 146 >63% $500B $3.8M The median # of days that attackers reside within a victim s network before detection
More informationHCX SERVER PRODUCT BRIEF & TECHNICAL FEATURES SUMMARY
PRODUCT BRIEF & TECHNICAL FEATURES SUMMARY PRODUCT BRIEF A SERVER OPTIMIZED FOR A HYBRID WORLD The HCX Server is a Windows Server pre-bundled with integrated core IT services designed for small and midsize
More informationSANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045
Critical Security Control Solution Brief Version 6 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable,
More informationWhat s New in Netwrix Auditor 9.7
What s New in Netwrix Auditor 9.7 Jeff Melnick Manager, Pre-Sales Engineering Jeff.Melnick@netwrix.com Agenda What s New in Netwrix Auditor 9.7 Briefly About Netwrix Auditor Q&A Prize Drawing INTRODUCING
More informationThreat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ
Threat Containment and Operations Yong Kwang Kek, Director of Presales SE, APJ 2018-07-19 1 1 2017 Infoblox Inc. All Rights 2013 Infoblox Inc. All Reserved. Rights Reserved. Three Aspects of Security #1
More informationNOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect
NOTHING IS WHAT IT SIEMs: COVER PAGE Simpler Way to Effective Threat Management TEMPLATE Dan Pitman Principal Security Architect Cybersecurity is harder than it should be 2 SIEM can be harder than it should
More informationNext-Gen CASB. Patrick Koh Bitglass
Next-Gen CASB Patrick Koh Bitglass pkoh@bitglass.com www.cloudsec.com WW Cloud Service Adoption https://www.gartner.com/newsroom/id/3815165 "As of 2016, approximately 17 percent of the total market revenue
More informationForeScout Extended Module for Splunk
Enterprise Strategy Group Getting to the bigger truth. ESG Lab Review ForeScout Extended Module for Splunk Date: May 2017 Author: Tony Palmer, Senior Lab Analyst Abstract This report provides a first look
More informationCon$nuous Audi$ng and Risk Management in Cloud Compu$ng
Con$nuous Audi$ng and Risk Management in Cloud Compu$ng Marcus Spies Chair of Knowledge Management LMU University of Munich Scien$fic / Technical Director of EU Integrated Research Project MUSING Cloud
More informationNetwrix Auditor. Visibility platform for user behavior analysis and risk mitigation. Mason Takacs Systems Engineer
Netwrix Auditor Visibility platform for user behavior analysis and risk mitigation Mason Takacs Systems Engineer Agenda Product Overview Product Demonstration Q&A About Netwrix Auditor Netwrix Auditor
More information1 Modular architecture
1 Modular architecture UI customization IIS ID assignment Authorizer selection HTML/CSS/JS HTML/CSS/JS skin skin API User module Admin module Attribute validation Resource assignment Escalation / delegation
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationInfrastructure Analy=cs: Driving Outcomes through Prac=cal Uses and Applied Data Science at Cisco
Copyright 2016 Splunk Inc. Infrastructure Analy=cs: Driving Outcomes through Prac=cal Uses and Applied Data Science at Cisco MaM Birkner Ian Hasund Robert Novak Dis=nguished Engineer, Cisco Chief Architect,
More informationCSP 2017 Network Virtualisation and Security Scott McKinnon
CSP 2017 Network Virtualisation and Security Scott McKinnon smckinnon@vmware.com Security Lead, Northern EMEA Network & Security, VMware Disclaimer This presentation may contain product features that are
More informationVirtual Tech Update Intercloud Fabric. Michael Petersen Systems Engineer, Cisco Denmark
Virtual Tech Update Intercloud Fabric Michael Petersen Systems Engineer, Cisco Denmark michaep2@cisco.com Agenda Introduction Intercloud and Intercloud Fabric Intercloud Fabric - New Features Intercloud
More informationSecuring the Modern Data Center with Trend Micro Deep Security
Advania Fall Conference Securing the Modern Data Center with Trend Micro Deep Security Okan Kalak, Senior Sales Engineer okan@trendmicro.no Infrastructure change Containers 1011 0100 0010 Serverless Public
More informationTrust in the Cloud. Mike Foley RSA Virtualization Evangelist 2009/2010/ VMware Inc. All rights reserved
Trust in the Cloud Mike Foley RSA Virtualization Evangelist 2009/2010/2011 1 2010 VMware Inc. All rights reserved Agenda How do you solve for Trust = Visibility + Control? What s needed to build a Trusted
More informationHOW CLOUD, MOBILITY AND SHIFTING APP ARCHITECTURES WILL TRANSFORM SECURITY: GAINING THE HOME-COURT ADVANTAGE
#RSAC SESSION ID: SPO3-T07 HOW CLOUD, MOBILITY AND SHIFTING APP ARCHITECTURES WILL TRANSFORM SECURITY: GAINING THE HOME-COURT ADVANTAGE Tom Corn Senior Vice President/GM Security Products VMware @therealtomcorn
More information