RSA, The Security Division of EMC. Total Visibility in the Security Environment. Javier Galvan, Systems Engineer, Mexico & NOLA

Transcription:

RSA, The Security Division of EMC. Total Visibility in the Security Environment. Javier Galvan, Systems Engineer, Mexico & NOLA

When we talk about threats, we MUST talk about Indicators of Compromise.

Indicator of Compromise 1: Unusual Outbound Network Traffic
Look for suspicious traffic leaving the network. It's not just about what comes into your network, it's about outbound traffic as well.
Features: detect non-standard, obfuscated, or tunneled traffic; detect abnormal activity in endpoints; detect or restrict large file transfers to suspicious destinations.

Indicator of Compromise 2: Anomalies in Privileged User Account Activity
Changes in the behavior of privileged users can indicate that the user account in question is being used by someone else to establish a beachhead in your network.
Features: detect privilege escalation; detect attempted use of disabled credentials; audit user access rights.

Indicator of Compromise 3: Web Traffic With Non-Human Behavior
How often do you open 20 or 30 browser windows to different sites simultaneously? Are you able to click in milliseconds?
Features: detect non-standard user agents; detect direct-to-IP requests; detect non-human click streams.
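Added example (not part of the original slides and not RSA product code): a minimal detector for the three features of the web-traffic indicator, run over constructed proxy records. The record layout, the thresholds and the indicator names are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumed thresholds; tune against your own proxy baseline.
BROWSER_UA_PREFIX = "Mozilla/"  # mainstream browsers all send this prefix
MAX_SITES = 20                  # the slide's "20 or 30 browser windows"
WINDOW_SECONDS = 1.0            # "simultaneously", taken as one second

BROWSER = "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"
# Constructed sample: (epoch seconds, client IP, destination host, user agent).
# Each record is a page-level navigation, not a sub-resource fetch.
SAMPLE = [(10.0 + 8 * i, "10.0.0.5", h, BROWSER)
          for i, h in enumerate(["news.example", "mail.example", "wiki.example"])]
SAMPLE += [(100.0 + 0.005 * i, "10.0.0.7", f"site{i}.example", BROWSER)
           for i in range(25)]
SAMPLE += [(200.0, "10.0.0.9", "203.0.113.10", "agent-x/1.0")]

def is_ip_literal(host):
    """True when the destination is a bare IPv4/IPv6 address, not a name."""
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False

def find_indicators(records):
    """Return {client: set of indicator names} for the three slide features."""
    hits = defaultdict(set)
    per_client = defaultdict(list)
    for ts, client, host, ua in records:
        if not ua.startswith(BROWSER_UA_PREFIX):
            hits[client].add("non-standard-user-agent")
        if is_ip_literal(host):
            hits[client].add("direct-to-ip")
        per_client[client].append((ts, host))
    for client, reqs in per_client.items():
        reqs.sort()
        for i, (start, _) in enumerate(reqs):
            # Distinct sites visited within WINDOW_SECONDS of this request.
            sites = {h for t, h in reqs[i:] if t - start <= WINDOW_SECONDS}
            if len(sites) >= MAX_SITES:
                hits[client].add("non-human-click-stream")
                break
    return dict(hits)

if __name__ == "__main__":
    for client, names in sorted(find_indicators(SAMPLE).items()):
        print(client, sorted(names))
```

Counting distinct sites per window rather than raw requests keeps an ordinary page load, which fetches many resources from one site within milliseconds, from tripping the click-stream rule.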

Reduce Attacker Free Time
[Figure: attacker and defender timelines, with the span labeled "Attacker Free Time" marked on the time axis. Attacker timeline labels: Attacker Surveillance, Target Analysis, Access Probe, Attack Set-up, System Intrusion, Attack Begins, Discovery/Persistence, Cover-up Starts, Leap Frog Attacks Complete, Cover-up Complete, Maintain Foothold. Defender timeline labels: Physical Security, Threat Analysis, Defender Discovery, Attack Forecast, Monitoring & Controls, Attack Identified, Containment & Eradication, Incident Reporting, Impact Analysis, Damage Identification, System Reaction, Response, Recovery.]
Source: NERC HILF Report, June 2010 (http://www.nerc.com/files/hilf.pdf)

Characteristics of Security Maturity Model
Axis labels: Risk, Visibility.
Step 1: Threat Defense
Step 2: Compliance and Defense-in-Depth
Step 3: Risk-Based Security
Step 4: Business-Oriented

RSA Security Management Compliance Vision: Delivering Visibility, Intelligence and Governance

RSA Identity Management & Governance: Identities Visibility

RSA Identity Management & Governance: A Phased Approach
Phases: Visibility & Certification; Policy Management; Access Request; Role & Group Management.
Capabilities shown: Account & Entitlement Collection; Segregation of Duties; Access Request Portal; Role Discovery & Definition; Access Reviews; Joiners, Movers, and Leavers; Role Maintenance; Data Visibility; Compliance Controls; Policy-Based Change Management; Group Analysis & Cleanup.

RSA Security Analytics: Logs, Network and Malware Visibility

RSA Security Analytics: Unified platform for security monitoring, incident investigations and compliance reporting
Slide labels: SIEM; Compliance Reports; Device XMLs; Log Parsing; RSA Security Analytics; Fast & Powerful Analytics; Logs & Packets; Unified Interface; Analytics Warehouse; Network Security Monitoring; High Powered Analytics; Big Data Infrastructure; Integrated Intelligence.
SEE DATA YOU DIDN'T SEE BEFORE, UNDERSTAND DATA YOU DIDN'T EVEN CONSIDER BEFORE

Logs

Packets

RSA Live

Malware Analysis
Slide labels: Likely Zero-Day; Static Analysis; NetWitness NextGen; Sandbox Analysis; Likely Sandbox Aware; Malware Community; Highly Likely Malware.

RSA Web Threat Detection: Online Channel Visibility

Web Threat Detection: Criminals Look Different than Customers
Distinguishing attributes: Velocity; Page Sequence; Origin; Contextual Information.

Web Threat Detection: Complete Web Session Intelligence & Application Layer Threat Visibility
Session stages: Beginning of Web Session; Login; Financial Transaction; Checkout and Logout.
Threats shown across the session: Vulnerability Probing; DDoS Attacks; Site Scraping; New Account Registration Fraud; Promotion Abuse; Parameter Injection; Password Guessing; Man in the Browser; Access From High Risk Country; Account Takeover; Unauthorized Account Activity; Man in the Middle; High Risk Checkout.

RSA Archer eGRC: Business Visibility

RSA Archer eGRC: Governance, Risk and Compliance
1. Enterprise Management
2. Policy Management
3. Risk Management
4. Incidents Management
5. Threats Management
6. Compliance Management
7. Business Continuity Management
8. Vendors Management
9. Audit Management
10. Vulnerability Risk Management (VRM)
11. Security Operations Management (SecOps)

RSA Archer eGRC

Dashboards & Reports

Big Data Transforms Security