Fidelis Overview. 15 August 2016 ISC2 Cyber Defense Forum

Similar documents
Fidelis Overview. ISC 2 DoD and Industry Forum. Rapid Detection and Automated Incident Response DoD & Commercial Active Defense Use Cases

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

RSA NetWitness Suite Respond in Minutes, Not Months

Integrated, Intelligence driven Cyber Threat Hunting

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security

DATA SHEET RSA NETWITNESS PLATFORM PROFESSIONAL SERVICES ACCELERATE TIME-TO-VALUE & MAXIMIZE ROI

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege

EFFECTIVELY TARGETING ADVANCED THREATS. Terry Sangha Sales Engineer at Trustwave

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

THE RSA SUITE NETWITNESS REINVENT YOUR SIEM. Presented by: Walter Abeson

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

Are we breached? Deloitte's Cyber Threat Hunting

Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS

The Resilient Incident Response Platform

External Supplier Control Obligations. Cyber Security

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Key Technologies for Security Operations. Copyright 2014 EMC Corporation. All rights reserved.

PROTECTION FOR WORKSTATIONS, SERVERS, AND TERMINAL DEVICES ENDPOINT SECURITY NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

INTRODUCTION. We would like to thank HelpSystems for supporting this unique research. We hope you will enjoy the report.

DFARS Compliance. SLAIT Consulting SECURITY SERVICES. Mike D Arezzo Director of Security Services. SLAITCONSULTING.com

Reinvent Your 2013 Security Management Strategy

PROFESSIONAL SERVICES (Solution Brief)

locuz.com SOC Services

WHITEPAPER. Enterprise Cyber Risk Management Protecting IT Assets that Matter

Critical Hygiene for Preventing Major Breaches

White Paper. How to Write an MSSP RFP

WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

WHITEPAPER ATTIVO NETWORKS DECEPTION TECHNOLOGY FOR MERGERS AND ACQUISITIONS

Building a Threat-Based Cyber Team

CYBER RESILIENCE & INCIDENT RESPONSE

ENDPOINT SECURITY STORMSHIELD PROTECTION FOR WORKSTATIONS. Protection for workstations, servers, and terminal devices

NISTCSF.COM. NIST Cybersecurity Framework (NCSF) Workforce Development Solutions

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak

NISTCSF.COM. NIST Cybersecurity Framework (NCSF) Workforce Development Solutions

BUILDING AND MAINTAINING SOC

भ रत य ररज़र व ब क. Setting up and Operationalising Cyber Security Operation Centre (C-SOC)

THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM

Pieter Wigleven Windows Technical Specialist

Sustainable Security Operations

Detect Fraud & Financial Crime

SIEM Solutions from McAfee

Combating Cyber Risk in the Supply Chain

INCIDENT RESPONDER'S FIELD GUIDE INCIDENT RESPONDER'S INCIDENT RESPONSE PLAN FIELD GUIDE LESSONS FROM A FORTUNE 100 INCIDENT RESPONSE LEADER

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Digital Forensics Readiness PREPARE BEFORE AN INCIDENT HAPPENS

NOTHING IS WHAT IT SIEMs: COVER PAGE. Simpler Way to Effective Threat Management TEMPLATE. Dan Pitman Principal Security Architect

Risk: Security s New Compliance. Torsten George VP Worldwide Marketing and Products, Agiliance Professional Strategies - S23

The Rise of the Purple Team

Threat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ

CloudSOC and Security.cloud for Microsoft Office 365

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

How Vectra Cognito enables the implementation of an adaptive security architecture

SHARKSEER Zero Day Net Defense. Ronald Nielson Technical Director

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

NetWitness Overview. Copyright 2011 EMC Corporation. All rights reserved.

Water Information Sharing and Analysis Center

Arbor Networks Spectrum. Wim De Niel Consulting Engineer EMEA

CipherCloud CASB+ Connector for ServiceNow

Compare Security Analytics Solutions

RSA INCIDENT RESPONSE SERVICES

4/13/2018. Certified Analyst Program Infosheet

RSA ADVANCED SOC SERVICES

DISA Cybersecurity Service Provider (CSSP)

NIST Special Publication

NEXT GENERATION SECURITY OPERATIONS CENTER

Defense in Depth Security in the Enterprise

The New Era of Cognitive Security

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

SOC AUTOMATION OF THREAT INVESTIGATION

Transforming Security from Defense in Depth to Comprehensive Security Assurance

FFIEC Cyber Security Assessment Tool. Overview and Key Considerations

Cyber Analyst Academy. Closing the Cyber Security Skills Gap.

ATTIVO NETWORKS THREATDEFEND INTEGRATION WITH MCAFEE SOLUTIONS

Incident Response Agility: Leverage the Past and Present into the Future

EXPERT SERVICES FOR IoT CYBERSECURITY AND RISK MANAGEMENT. An Insight Cyber White Paper. Copyright Insight Cyber All rights reserved.

McAfee Endpoint Threat Defense and Response Family

RSA INCIDENT RESPONSE SERVICES

RFP/RFI Questions for Managed Security Services. Sample MSSP RFP Template

Cybersecurity is a Journey and Not a Destination: Developing a risk management culture in your business. Thursday, May 21, 2015

Cybersecurity Auditing in an Unsecure World

Novetta Cyber Analytics

Tripwire State of Cyber Hygiene Report

Getting over Ransomware - Plan your Strategy for more Advanced Threats

OUTSMART ADVANCED CYBER ATTACKS WITH AN INTELLIGENCE-DRIVEN SECURITY OPERATIONS CENTER

Click to edit Master title style. DIY vs. Managed SIEM

Insider Threat Detection Including review of 2017 SolarWinds Federal Cybersecurity Survey

The GenCyber Program. By Chris Ralph

EXABEAM HELPS PROTECT INFORMATION SYSTEMS

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Virus Outbreak

McAfee Advanced Threat Defense

THREAT INTEL AND CONTENT CURATION: ORGANIZING THE PATH TO SUCCESSFUL DETECTION

Make IR Effective with Risk Evaluation and Reporting

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

Cyber Security For Business

Managed Security Services - Endpoint Managed Security on Cloud

Transcription:

Fidelis Overview 15 August 2016 ISC2 Cyber Defense Forum

Fidelis Cybersecurity EST. 2002 T HE W O RLD S M O ST VAL U ABLE BR AND S USE FIDELIS* I N D U S T R I E S W E S E R V E Defense Contractors Financial Services Government Health Care Insurance Professional Services Education Manufacturing Energy Pharmaceuticals Retail Technology Telecom Utilities Canadian Tire Comprehensive VISIBILITY // Automated real-time PREVENTION // Focused Incident Response ACTION 2

The Threat Timeline Attacker Timeline Time-to- Compromise Milliseconds to Minutes Time-to- Exfiltration Minutes to Days Data Exfiltration Window Months to Years Defender Timeline Time-to- Prevention Milliseconds to Minutes Time-to-Discovery Months to Years Time-to-Containment Days to Weeks Defense Options: 1.Prevent the Initial Compromise 2.Compress or Eliminate the Data Exfiltration Window by reducing the Time-to-Discovery and Time-to-Containment Speed Matters you are in a race with the attacker! 3

Network Assessment Focus Cyber Protection Team Customer Examples USBICES-Battlefield Information Collection and Exploitation Systems USAF/Navy CPT DTRA-Defense Threat Reduction Agency DISA JRSS-Joint Regional Security Stack Pentagon JSP-Joint Services Pentagon DHA-Defense Health Agency Fidelis Functional Attributes Continuous Monitoring Vulnerability Assessment Active Detection, Prevention & Response Forensic Investigation Portable, Extensible, Zero Operational Impact Virtual Machine Platform Results Actionable Forensics Threat/Violation Detail Metadata/PCAP Risk Scorecard Enterprise Internal Segments Analyst Auditor Deployer 4

Technology Applied to Mission Requirements Technology Focus DETECT ATTACKS OTHER SOLUTIONS MISS Fidelis Credentials US Army US Air Force DISA UC APL Navy DHS HQ Various Intelligence Agencies FIPS 140-2 Pen Tested STOP INVESTIGATE NIAP Common Criteria attacks and prevent data theft and triage security incidents STIG & ACAS Artifacts Government Test Results IPv6 Compliant Customer Benefits All-in-one Cyber Defense Technology Advanced Threats, Data Theft, Automated Forensic Detail, Incident Response Real Time Visiblity DEEP Session Inspection Decodes and Analyzes ALL Content across ALL Port, Protocol and Applications Manpower Reduction through Automation Hunting with Recursive Detection, Reporting and Evidence Package Creation Proven Detection Approach Blends Behavior & Heuristic Analytics, Malware Detection & Detonation, 53 Independent Intelligence Feeds and Customer Policies & Intelligence Customer Requirements Addressed Malware Detection Command & Control Sandbox Detonation Data Theft/Loss Protection Classified Spillage Lateral Propagation SIEM & Endpoint Integration Meta Data Collection Centralized Visibility Remote Management Virtual Machine Software Delivery Continuous Monitoring Proactive Hunting Incident Response Forensic Reporting Evidence Collection Compliance Auditing 5. All rights reserved.

Automating Real-Time Prevention & Response Continuous Monitoring ALL 65,535 ports Content Inspection for Applications & Protocols Supports Cyber Compliance, Audits & Network Assessments Not just SIGNATURE Inspection Heuristics, Anomaly, Behavior, Customer Policies, Intelligence (Indicators of Compromise) Monitor Detect Automated Detection/Prevention Malware, Data Theft, Insider Threat Integration with SIEM (SPLUNK, Arcsight, etc.) Closes Detection Gap Left by NGFW/IPS Full Malware Sandbox/Detonation Chamber Automated Response Focuses Workflow for Incident Response Aligns Network & Endpoint Remediation Comprehensive Metadata for Hunting Respond Analyze Automated Analysis Forensic Decode & Evidence Packages Focuses Tier 1 Staff Minimizes Tier 3 Staff Involvement Threat Feed & SOC/CERT Integration Multi-Purpose Cyber Monitoring, Defense, Analysis and Response from SINGLE Solution. 6

Demo Use Cases Objectives: Demonstrate how operational customers utilize Fidelis for Detection, Prevention, Forensic Collection and Continuous Monitoring. Use Cases: Malware Insider Threat Data Theft-Personally Identifiable Info/Classified Spillage 7

Points of Contact Questions Government Test Reports and References Technology Proof of Concepts/Demonstrations Please Contact: Federal Business Director Vincent.Holtmann@fidelissecurity.com 210-296-4576

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback