The Future of Threat Prevention

Similar documents
SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM

RSA NetWitness Suite Respond in Minutes, Not Months

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

ARC VIEW. Critical Industries Need Continuous ICS Security Monitoring. Keywords. Summary. By Sid Snitkin

Transforming Security from Defense in Depth to Comprehensive Security Assurance

SentryWire Next generation packet capture and network security.

SentryWire Next generation packet capture and network security.

CYBER ANALYTICS. Architecture Overview. Technical Brief. May 2016 novetta.com 2016, Novetta

Managed Endpoint Defense

Novetta Cyber Analytics

WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief

SIEM Solutions from McAfee

CyberArk Privileged Threat Analytics

Compare Security Analytics Solutions

SIEM: Five Requirements that Solve the Bigger Business Issues

Snort: The World s Most Widely Deployed IPS Technology

Cisco Cyber Range. Paul Qiu Senior Solutions Architect

Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Gladiator Incident Alert

Deploying Intrusion Prevention Systems

Rethinking Security: The Need For A Security Delivery Platform

Seceon s Open Threat Management software

How to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption

Cisco Stealthwatch Improves Threat Defense with Network Visibility and Security Analytics

Automated Threat Management - in Real Time. Vectra Networks

Evolution Of Cyber Threats & Defense Approaches

A BETTER PATH: Security Enlightened. Security s Shift to the Cloud

Cisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer

RSA INCIDENT RESPONSE SERVICES

Connection Logging. Introduction to Connection Logging

Cyber Defense Maturity Scorecard DEFINING CYBERSECURITY MATURITY ACROSS KEY DOMAINS

RSA INCIDENT RESPONSE SERVICES

Key Technologies for Security Operations. Copyright 2014 EMC Corporation. All rights reserved.

McAfee Virtual Network Security Platform

Traditional Security Solutions Have Reached Their Limit

NetWitness Overview. Copyright 2011 EMC Corporation. All rights reserved.

Connection Logging. About Connection Logging

Cisco Cyber Threat Defense Solution 1.0

IBM Next Generation Intrusion Prevention System

Design and Deployment of SourceFire NGIPS and NGFWL

THE RSA SUITE NETWITNESS REINVENT YOUR SIEM. Presented by: Walter Abeson

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

Security analytics: From data to action Visual and analytical approaches to detecting modern adversaries

Speed Up Incident Response with Actionable Forensic Analytics

Agile Security Solutions

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

CYBER ANALYTICS. An Advanced Network- Traffic Analytics Solution

WHITEPAPER THE EVOLUTION OF APPSEC: FROM WAFS TO AUTONOMOUS APPLICATION PROTECTION

Network Security: Firewall, VPN, IDS/IPS, SIEM

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Security Analytics Appliances

SOC AUTOMATION OF THREAT INVESTIGATION

BREACHES HAPPEN: BE PREPARED. Endpoint Detection & Response

AMP-Based Flow Collection. Greg Virgin - RedJack

Cisco ISR G2 Management Overview

Cisco ASA with FirePOWER Services

Advanced Threat Protection Buyer s Guide GUIDANCE TO ADVANCE YOUR ORGANIZATION S SECURITY POSTURE

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Dynamic Datacenter Security Solidex, November 2009

The threat landscape is constantly

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video

Hidden Figures: Securing what you cannot see

Service Provider Security Architecture

Supporting The Zero Trust Model Of Information Security: The Important Role Of Today s Intrusion Prevention Systems

THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM

Symantec Network Security 7100 Series

Deep Instinct v2.1 Extension for QRadar

Enterprise Situational Intelligence

MEETING ISO STANDARDS

Securing Your Microsoft Azure Virtual Networks

Rethinking Security CLOUDSEC2016. Ian Farquhar Distinguished Sales Engineer Field Lead for the Gigamon Security Virtual Team

An Investment Checklist

A Simple Guide to Understanding EDR

PALANTIR CYBERMESH INTRODUCTION

Automated Response in Cyber Security SOC with Actionable Threat Intelligence

Protecting Against Modern Attacks. Protection Against Modern Attack Vectors

Securing Your Amazon Web Services Virtual Networks

Build a Software-Defined Network to Defend your Business

Securing the Software-Defined Data Center

Todays Threat Landscape Cloud / Big data / Mobile Jonathan Martin HP Enterprise Security Products

STAY ONE STEP AHEAD OF THE CRIMINAL MIND. F-Secure Rapid Detection & Response

FirePower 2100 NGFW. Elodie Heurtevent Security BDM Commercial. 21 March 2017

Infrastructure Blind Spots Continue to Fuel Personal Data Breaches. Sanjay Raja Lumeta Corporation Lumeta Corporation

Arbor Networks Spectrum. Wim De Niel Consulting Engineer EMEA

Designing an Adaptive Defense Security Architecture. George Chiorescu FireEye

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

SentinelOne Technical Brief

Why we need Intelligent Security? Juha Launonen Sourcefire, Inc.

A New Security Model for the IoE World. Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization

RSA. The security division of EMC. Visibilidad total en el entorno de seguridad. Javier Galvan Systems Engineer Mexico & NOLA

Encrypted Traffic Analytics

Popular SIEM vs aisiem

Strategies for a Successful Security and Digital Transformation

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Security for the real World NG IPS Jean-Paul Kerouanton Sourcefire, Inc.

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

We re Gonna Need a Bigger Boat

Networking Drivers & Trends

Transcription:

The Future of Threat Prevention Bricata is the leading developer of Next Generation Intrusion Prevention Systems (NGIPS) technology, providing innovative, disruptive, high-speed, high-performance network security and data protection solutions. Yasser Mohamed Senior Sales Engineer

About Bricata - Overview Where IDS came from How IPS is different Current threat landscape and challenges How Bricata is different Live demo 2

WAN 3

WAN 4

WAN TAP IDS 5

WAN TAP IDS Passive system Traffic still passes to destination Limited to alerting or TCP resets 6

IPS WAN Active system Sits in-line and can stop attacks immediately Signature based Some include heuristic and anomaly detection 7

Enterprise Data Growth 2005-2015 Source: IDC 8

Data Growth means more data to inspect and process. WAN Legacy IPS solutions cannot handle the traffic alone. 9

To keep up with traffic flow increases, devices are stacked. Stacking WAN 10

To keep up with traffic flow increases, devices are stacked. Stacking WAN Expensive Hard to manage Takes up a lot of space 11

IPS systems are needed to stop 99% or more of known attacks. But targeted Zero-Day attacks can still compromise organizations. Stacking WAN 12

IPS systems are needed to stop 99% or more of known attacks. But targeted Zero-Day attacks can still compromise organizations. Stacking WAN More sophisticated attackers Designed to evade most security devices Time-delay execution Can persist and grow for months or years 13

2014 Threat Report 66% of organizations were notified of a breach by an external entity 229 Days Median number of days attack groups were present on a network before discovery Source: Mandiant 2014 Threat Report 14

The Bricata Difference 15

Ultra High-Speed Performance Stacking 8 RU 60 Gbps 4 RU 100 Gbps 16

Deployed in-line as an active IPS solution Speeds range from 500 Mbps to 300 Gbps WAN Much smaller footprint Lower cost Lower operational expenses Easier to manage 17

BTX New Signatures WAN 18

BTX Simplified GUI New Signatures WAN PCAP Full payload and metadata 1 click query to pull PCAP Rapid investigation Open format Session reconstruction Contextual understanding of security incidents 19

BTX Simplified GUI Unknown Threats New Signatures WAN NEW (v2.0): Threat Regression PCAP What do we know today that we didn t know yesterday 20

21

22

BTX Simplified GUI New Signatures WAN NEW (v2.0): Threat Regression PCAP Breach Detection 23

Bricata ProAccel NGIPS Feature Set At-a-Glance Threat Isolation Engine Traffic monitoring & event management Cassandra data analytics engine Central management console (CMC) for complete dashboard control Log aggregation, correlation & forwarding to SIEM Regularly updated signature library & threat intelligence sharing Data exfiltration prevention automation Full packet capture for complete contextual understanding of security incidents Malware, vulnerabilities that are known and unknown Threat Intelligence Eco-system Port/Protocol independent inspection Custom signature creation GeoIP reputation & location Signature-less detection via Anomaly-based Decision Module Application awareness Full packet capture, NetFlow and contextual analytics Highly scalable global event management Event aggregation, correlation and forwarding 24

Bricata Deployment Options Remote offices and branches Virtual machines (VMs) Tele-workers, partners, and customers 25

Why Bricata: The New, Smarter Breed of Automated Threat Defense Reduced costs by as much as 50% over legacy IPS solutions Created by leading NGIPS experts in the security industry Offers High-speed IPS, full packet capture, and breach detection Exceeds feature parity of other leading NGIPS vendors Leverages your existing FW investment Improves visibility from the core to the perimeter Ease of deployment and management o All legacy SNORT and Suricata rule sets can be ingested with no rewrite Zero Day Threat detection with our Anomaly-based Decision Module Performance Versatility Value 26

Demonstration 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback