Protecting organisations from the ever evolving Cyber Threat


Who we are

At a glance

"Dell SecureWorks is one of the most promising MSSPs in the GCC region" (MSS Market Report on GCC, Frost & Sullivan 2015)

- 16+ Years of threat intelligence data
- Up to 190B Events processed daily
- 2B+ Threat Indicators
- 700 Incident Response engagements last year
- 1,500+ Consulting engagements performed annually
- 2000+ Employees
- ~100K Malware samples analyzed every day
- ~7M Attacker DB
- 4,300 Clients Across the Globe

GCC countries shown: Bahrain, KSA, Kuwait, Oman, Qatar, UAE

SecureWorks Global Reach

[Map. Legend: Offices; CTOC (NA); CTOC (Edinburgh); CTOC (Kawasaki); Data Center; Center of Excellence; Counter Threat Unit]

SecureWorks Positioned 1st

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from SecureWorks. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

What we do

Cornerstone of effectiveness: Threat Intelligence

Context and countermeasures

Applying Threat Intelligence

[Diagram. Labels as transcribed: CTU Intel Services; SRC; Incident Response; Managed Security; Threat signatures; What does it mean? How to resist? What is the next action?; Analysis filters / rules; SOC escalations; Network indicators; Host indicators; Tradecraft analysis; Attack methods; Peer threat trends; Targeted threat alerts; Threat & vuln feeds; Feedback loop; Attacker database]

TIMS (Threat Intelligence Management System)
- Knowledge management
- Link analysis across structured and unstructured data
- Workflow and collaboration
- Global threat campaign visualization

Comprehensive Portfolio of Services

Managed Security
- 24/7 security monitoring
- Security device mgmt. (IPS/IDS, Firewalls, Next Generation Firewalls, Web Application Firewalls)
- Log Management
- Advanced Endpoint Threat Detection
- Advanced Malware Protection and Detection
- Vulnerability management
- Web application scanning

Security and Risk Consulting
- Testing & assessments
- Mobile & cloud security
- Compliance and certification
- Program development & governance
- Network and web application testing
- Expert residency
- Physical Security Assessments
- Wireless security testing
- Social engineering

Threat Intelligence
- Targeted Threat Intelligence
- Threat, vulnerability & advisory feeds
- Emerging threat bulletins
- Microsoft update analysis
- Weekly intelligence summary
- Cybersecurity news roundup
- Live intelligence briefings
- CTU support
- Attacker database feed

Incident Response
- CIRP Development
- CIRP Review
- CIRP Training
- Tabletop exercises
- Incident handling
- Digital forensics investigation
- Incident management
- Malware analysis
- Eradication & recovery
- Postmortem analysis
- Documentation

How we deliver MSS

[Diagram. Labels as transcribed: Customer Portal; Seamless integration; Real time visibility; Holistic View; Single Pane of Glass; Powerful Reporting; Single Sign on to Qualys; Customer Network; Proxy Servers; WAF; IDS/IPS; Applications; Firewall/VPN; Counter Threat Appliance; Log Retention; Native APIs; Internet; SOC facilities]

- Understands the threats and vulnerabilities in your environment
- SOC Security experts know when a vulnerability is present, strengthening their analysis

CTU Intelligence (Counter Threat Unit SM)
- Applied research
- Across global customer base
- Latest countermeasures
- Protection from emerging threats

Counter Threat Platform (TM)
- Purpose-built for MSS
- 500+ FTE development years
- Superior scalability
- Billions of events per day

Security Operations Centers
- Seven 24x7 SOCs
- Real-time automated failover
- Certified security experts
- SANS GIAC GCIA certified Security Analysts

What has changed: Advanced Threats

Advanced and evasive threats are growing exponentially and getting harder to detect

- 2x, Unique Attacks: Every day in 2014, attackers launched twice as many unique attacks on your systems with malicious code than was seen in 2013. [1]
- 65%, Evading Detection: 65% of respondents in a recent Ponemon Institute survey say attacks evade existing preventive security controls. [2]
- >1/2, Living off the Land: In over half of the targeted threat response engagements last year, cyber criminals breached companies' computer systems by using little or no malware in their attacks. [3]
- 46%, Accidental Discovery: 46% say breaches are discovered by accident. [2]
- 33%, 2 Years to Discover: 33% of organizations discover breaches two or more years after the incident. [2]

It's happening in the region

Technology alone can't solve the problem

Over-reliance on technology???

- Intelligence: Lack of threat intelligence to build context of the alert and facilitate accurate diagnosis of the threat
- People: Lack of specialized skill sets to interpret detailed reporting, analyze systems and applications and assess real business impact
- Process: Analysis takes days or weeks to complete amidst other alerts and priorities

Observations from Incident Response
- Companies with advanced malware protection technologies are still not able to decipher reporting.
- Companies with advanced malware protection technologies are still getting breached by evasive malware.

Actionable Intelligence is critical

Lack of actionable intelligence reduces ability to see the big picture.

Security event information can tell you:
Intelligence helps you go beyond to answer:
- How? How did the adversary get in and where did they spread to?
- Who? Who may be behind it and what else should we look for?
- What? What malware did they use and what does it do?
- Why? Why were we targeted? What is the actor's end game?
- When? When did this happen and what's gone on since then?

Accurate diagnosis and remediation

What is changing: Cloud

Cloud: A Shared Responsibility

SaaS (Software as a Service)
- Cloud Service Provider (CSP) owns application
- CSP client owns data and access rights

Cloud Service Provider (CSP) has responsibility for security

PaaS (Platform as a Service)
- CSP owns network and platform
- CSP client owns application and data

IaaS (Infrastructure as a Service)
- CSP owns network and hypervisors
- CSP client owns above the hypervisor

You have responsibility for security

Classification: //SecureWorks/Confidential - Limited External Distribution:

Our Cloud Architecture

SecureWorks Securing AWS Native Logs now

Plus, we are the only major MSSP monitoring the 3rd Party appliances today!

SecureWorks Coming Soon.