SlideShare uma empresa Scribd logo

Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar

IBM Security
IBM Security

view on demand: https://securityintelligence.com/events/dont-drown-in-a-sea-of-cyberthreats/ Security teams can be overwhelmed by a sea of vulnerabilities–without the contextual data to help them focus their efforts on the weaknesses that are most likely to be exploited. Cyberthreats need to be stopped before they cause significant financial and reputational damages to an organization. You need a security system that can detect an attack, prioritize risks and respond within minutes to shut down an attack or vulnerability that could compromise your endpoints and data. Join this webinar and learn how IBM BigFix seamlessly integrates with IBM QRadar to provide accelerated risk prioritization and incident response to mitigate potential attacks giving you an integrated threat protection system to keep your corporate and customer data secure.

Tecnologia
1 de 25
Baixar para ler offline
© 2015 IBM Corporation Mitigate attacks with IBM BigFix and QRadar Rich Caponigro IBM BigFix Security Product Manager cappy@us.ibm.com Don’t drown in a sea of cyber-threats
2© 2015 IBM Corporation Please Note: !  IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion. !  Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. !  The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. !  The development, release, and timing of any future features or functionality described for our products remains at our sole discretion. Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user’s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.
3© 2015 IBM Corporation Agenda !  Cyber security today !  BigFix and QRadar SIEM tighten endpoint security !  New! - BigFix plus QRadar close the risk management loop !  Q & A
4© 2015 IBM Corporation Complexity Architecture Resources !  Heavy, resource-intensive agent(s) !  Multiple point tools & agents !  Inability to maintain and prove compliance with complex and evolving regulations What Organizations face !  Limited IT budget and staff !  Shortage of qualified personnel !  Unable to scale over widely dispersed locations !  High costs and risks associated with sophisticated threats !  Inability to remediate and report on compliance issues and vulnerabilities across the environment
5© 2015 IBM Corporation Vulnerabilities Will Be Exploited! Source: Verizon Data Breach Investigation Report 2015 Hackers are capitalizing on first few week’s of CVE availability, knowing orgs can’t patch effectively Needed – quick identification, prioritization, and remediation! Almost half of new CVE’s are exploited in the first 4 weeks
6© 2015 IBM Corporation IBM is uniquely positioned to offer integrated threat protection A dynamic, integrated system to disrupt the lifecycle of advanced attacks and prevent loss Open Integrations Global Threat Intelligence Ready for IBM Security Intelligence Ecosystem •  Share security context across multiple products •  100+ vendors, 400+ products IBM Security Network Protection XGS Prevent remote network exploits and limit the use of risky web applications Smarter Prevention Security Intelligence IBM Emergency Response Services Assess impact and plan strategically and leverage experts to analyze data and contain threats Continuous Response IBM X-Force Threat Intelligence Leverage threat intelligence from multiple expert sources IBM Trusteer Apex Endpoint Malware Protection Prevent malware installation and disrupt malware communications IBM Security QRadar Security Intelligence Discover and prioritize vulnerabilities Correlate enterprise-wide threats and detect suspicious behavior IBM Security QRadar Incident Forensics Retrace full attack activity, search for breach indicators and guide defense hardening IBM Guardium Data Activity Monitoring Prevent power user abuse and misuse of sensitive data IBM BigFix Automate and enforce continuous compliance of security and regulatory policies
7© 2015 IBM Corporation QRadar SIEM Embedded intelligence enabling automated offense identification Suspected IncidentsServers and mainframes Data activity Network and virtual activity Application activity Configuration information Security devices Users and identities Vulnerabilities and threats Global threat intelligence Automated Offense Identification •  Unlimited data collection, storage and analysis •  Built in data classification •  Automatic asset, service and user discovery and profiling •  Real-time correlation and threat intelligence •  Activity baselining and anomaly detection •  Detects incidents of the box Embedded Intelligence Prioritized Incidents
8© 2015 IBM Corporation IBM BigFix Bridging the Gap between Security and IT Ops ENDPOINT SECURITY Discovery and Patching Lifecycle Management Software Compliance and Usage Continuous Monitoring Threat Protection Incident Response ENDPOINT MANAGEMENT IBM BigFix® FIND IT. FIX IT. SECURE IT. …FAST Shared visibility and control between IT Operations and Security IT OPERATIONS SECURITY Reduce operational costs while improving your security posture
9© 2015 IBM Corporation Extensive Data Sources Deep Intelligence Exceptionally Accurate and Actionable Insight+   =   "  Near real-time patch feed from BigFix to QRadar Increases vulnerability database accuracy improving offense and risk analytics to limit potential offenses "  Establishes baseline for endpoint states and improves alerting on variations to detect threats "  Represents AV/DLP alerts within consolidated enterprise security view helping correlate advanced threat activities "  Improves compliance reporting with deep endpoint state data BigFix and QRadar tighten endpoint security BigFix  endpoint   deep  intelligence       •  Physical  /  Virtual   •  On/off  network   •  Servers   •  Clients   •  POS,  ATM,  Kiosks      
10© 2015 IBM Corporation BigFix Fixlet status visualized in QRadar 10 Patches Critical Fix Configuration Change Record of who made change
11© 2015 IBM Corporation BigFix vulnerability data stored in QRadar asset database 11
12© 2015 IBM Corporation Complementary capabilities by use case QRadar target use case BigFix complementary capabilities  Advanced threat detection   Full visibility of endpoint activity and state marrying anti-virus, vulnerability information, and configuration data in real-time   Quickly obtain answers to unique queries to understand security incidents   Rapid incident response, such as disabling DLLs being exploited  Malicious activity identification   Guards against full range of malware and scans POP3 email and Microsoft Outlook folders for threats   Cross-reference threats real-time with a large, cloud-based database  User activity monitoring   Enforces security baselines, passcode policies, security configurations, anti-virus policies, patch management, and more  Compliance reporting and monitoring   Provides company-wide reports instantly without polling systems to assess the organization’s security compliance posture   Continuous policy enforcement to help maintain compliance  Fraud detection and data loss prevention   Automatically determines safety of dynamically-rated websites protecting endpoints against web-based malware, data theft, lost productivity and reputation damage   Block or allow data being copied to or sent to a variety of delivery channels
13© 2015 IBM Corporation Coming soon – Closed-loop risk management BigFix Compliance with QRadar Vulnerability Manager and Risk Manager deliver real-time endpoint intelligence for closed-loop risk management IBM QRadarIBM BigFix Real-time endpoint intelligence Network anomaly detection Provides current endpoint status Correlates events and generates alerts Prompts IT staff to fix vulnerabilities •  Improves asset database accuracy •  Strengthens risk assessments •  Enhances compliance reporting •  Accelerates risk prioritization of threats and vulnerabilities •  Increases reach of vulnerability assessment to off-network endpoints Integrated, closed-loop risk management
14© 2015 IBM Corporation IBM BigFix Compliance Using BigFix Compliance, clients get value from: "  Con$nuous  real-­‐$me  enforcement  of  security  policies,  regardless  of  network  connec$on   status  significantly  reduces  overall  security  risk   "  Supports  industry  and  regulatory  compliance  benchmarks  for  best  prac$ce  protec$on   "  Discovery  of  unmanaged  endpoints  and  Automa$c  patch  and  remedia$on  of  non-­‐ compliant  systems  reduces  risk  and  labor  costs   "  Deploy,  update,  and  health  check  3rd-­‐party  Endpoint  Protec$on  solu$ons   "  Policy  based  quaran$ne  of  non-­‐compliant  systems   Lifecycle Inventory Patch Compliance Protection BigFix Platform More than 10,000 heterogeneous platform compliance checks based on best practice regulatory benchmarks from CIS, PCI DSS, DISA STIG, USGCB
15© 2015 IBM Corporation 98% patch and update compliance rate on 4,000+ workstations with 50% reduced labor costs Infirmary Health System Continuous security configuration compliance Accurate, real-time visibility and continuous security configuration enforcement Continuous compliance “set and forget” •  No high-risk periods •  Lower total cost •  Continued improvement •  Identify and report on any configuration drift •  Library of 10,000+ compliance checks (e.g., CIS, PCI, USGCB, DISA STIG) Traditional compliance “out of synch” •  High-risk and cost periods •  Manual approach causes endpoints to fall out of compliance again Traditional versus Continuous Time Compliance ContinuousTraditional RISK SCAP
16© 2015 IBM Corporation QRadar Risk and Vulnerability Management Discovery and Verification Intelligent Context Driven Prioritization Automatic Delegation and Assignments •  Uncovers the weaknesses •  Daily vulnerability and patch updates •  Proven, certified scanning •  Endpoints, assets, device configuration •  Passive and active discovery •  What assets are important ? •  Where are the threats ? •  Who is talking to who ? •  What is blocked and patched already ? •  What is out of compliance ? •  Who needs to action •  What needs to be done •  Missing patches •  Signatures •  Configuration changes Reporting and Alerting •  What needs escalation •  What is in and out of compliance •  Dashboards and reports •  APIs Feedback And Compliance Discovery and verification Intelligent Context driven Prioritization Delegate and assign Updated Posture
17© 2015 IBM Corporation BigFix Compliance plus QRadar Capability BigFix Compliance QRadar Vuln Mgr QRadar Risk Mgr BigFix + QRadar Continuous policy monitoring ü Endpoint ü Network üü Endpoint quarantine / remediation ü ü Vulnerability discovery ü Real-time Windows ü Heterogeneous scan üü Real-time updates Asset discovery ü ü üü Risk analysis / reporting ü CVSS ü Correlated threat üü Real-time updates Closed loop action delegation / assignment üü Vulnerabilities Will Be Exploited! Quick identification, prioritization, and remediation! BigFix plus QRadar address the highest security risks first! High priority risks sent to BigFix for action •  Deeper, timely endpoint data •  Faster remediation of critical risks
18© 2015 IBM Corporation STEP ONE Provide Continuous Insight across all endpoints. INCLUDING off-network laptops STEP FOUR Expedite remediation of ranked vulnerabilities, configuration drift and irregular behavior STEP TWO Enforce Policy Compliance of Security, Regulatory & Operational Mandates. STEP THREE Prioritize vulnerabilities and remediation activities by risk •  QRadar correlates assets & vulnerabilities with real-time security data •  It then sends the prioritized list to BigFix administrators •  Machine Name, OS, IP Address, Malware incidents etc. •  Provides details on physical and virtual servers, PCs, Macs, POS devices, ATMs, kiosks, etc. •  All known CVEs exposed on an endpoint •  Quarantine endpoints until they can be remediated •  Patch or reconfigure endpoints IBM BigFixIBM BigFix IBM BigFix •  BigFix sends vulnerability and patch data to QRadar, automatically ensuring that QRadar's asset database is updated with current data Extending QRadar’s reach and simplifying incident response with BigFix Legend •  Avail Today •  Coming Soon
19© 2015 IBM Corporation BF Compliance endpoint view of QRadar prioritized vulnerabilities Endpoint info QRadar Risk Score CVEs Relevant fixlets Subject to change
20© 2015 IBM Corporation BigFix CVE Action Status Subject to change Action Status
21© 2015 IBM Corporation Prioritized CVE view Subject to change Endpoints affectedCVE ID and risk score
22© 2015 IBM Corporation BigFix / QRadar Integration Use Cases 1. BigFix fixlet and vulnerability status messages passed to QRadar –  Customer value: Actions that occur and vulnerabilities that exists on endpoints can be passed to QRadar for correlation with other security events. BigFix patch status is relayed to QRadar in a very timely fashion and is stored in the asset database. 2. QRadar can generate a list of assets that do not have BigFix installed, showing how many vulnerabilities could be remediated on each asset if BigFix were installed –  Customer value: Rapid identification of rogue or unmanaged assets and improved detection and reaction time. Provides strong case for managing assets with BigFix. 3. QRadar (QVM) assigns high-risk vulnerabilities (i.e. those determined via QRM policies) to BigFix for remediation or quarantine; also allows tracking should an exploit occur –  Customer value: Typical BigFix customers don’t have a way to figure out which patches should be assigned high priority. With this integration, high-risk vulnerabilities could be easily assigned to operations personnel as needed. BigFix administrators gain a way to know which patches should be considered for high priority “out of band” patching, and can initiate remediation immediately. This reduces risk of initial exploit, exploit propagation, and improves productivity. Typical QRadar customers don’t have a way to isolate vulnerable or compromised devices to limit potential exposures. With this integration, high-risk vulnerabilities could be easily isolated form the network allowing only BigFix communications. QRadar administrators gain a way to immediately react to possible exposures and have BigFix Administrators remediate the vulnerability. This reduces risk of initial exploit, exploit propagation, and improves productivity AvailableTodayComingSoon *The  Informa$on  regarding  poten$al  future  products  is  intended  to  outline  our  general  product  direc$on  and  it  should  not  be  relied  on  in  making  a  purchasing  decision.  The  informa$on  men$oned  regarding   poten$al  future  products  is  not  a  commitment,  promise,  or  legal  obliga$on  to  deliver  any  material,  code  or  func$onality.  Informa$on  about  poten$al  future  products  may  not  be  incorporated  into  any  contract.  The   development,  release,  and  $ming  of  any  future  features  or  func$onality  described  for  our  products  remains  at  our  sole  discre$on.   Subject  to  IBM  NDA  
23© 2015 IBM Corporation Endpoint & Threat Focal Points Sales Leaders: •  Anthony Aurigemma, WW Director of E&M Sales aaurigem@us.ibm.com •  Mark Phinick, WW Sales Leader mphinick@us.ibm.com •  Josh Stegall, WW Channel Sales Leader jstegall@us.ibm.com •  Jim Gottardi, NA Sales Leader Jim.Gottardi@us.ibm.com •  Teng Sherng Lim (T.S.), AP Sales Leader limtsh@sg.ibm.com •  John Seyerle, EU Sales Leader JSEY@ch.ibm.com Technical Leaders & Product Management: •  Jim Brennan, Dir, Product Mgt & Strategy jim.brennan@us.ibm.com •  Murtuza Choilawala, Pgm Director, PM & Strategy murtuza@us.ibm.com •  Rich Caponigro, BigFix Compliance PM cappy@us.ibm.com •  Lee Wei, WW Technical Sales Leader leewei@us.ibm.com •  Alex Donatelli, CTO for Endpoint Security alex.donatelli@it.ibm.com –  George Mina, Product Marketing geemin11@us.ibm.com –  Rohan Ramesh, Product Marketing rohanr@ca.ibm.com –  Mark Taggart, WW Sales Empowerment mttaggar@us.ibm.com Key Contacts
24© 2015 IBM Corporation Website: www.bigfix.com Twitter: @IBMBigFix
© Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOU www.ibm.com/security

Recomendados

Cutting Through the Software License Jungle: Stay Safe and Control Costs
Cutting Through the Software License Jungle: Stay Safe and Control CostsCutting Through the Software License Jungle: Stay Safe and Control Costs
Cutting Through the Software License Jungle: Stay Safe and Control Costs
IBM Security
 
Avoiding the Data Compliance "Hot Seat"
Avoiding the Data Compliance "Hot Seat"Avoiding the Data Compliance "Hot Seat"
Avoiding the Data Compliance "Hot Seat"
IBM Security
 
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentThe ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
IBM Security
 
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
Protecting Mission-Critical Source Code from Application Security Vulnerabili...Protecting Mission-Critical Source Code from Application Security Vulnerabili...
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
IBM Security
 
MDM is not Enough - Parmelee
MDM is not Enough - Parmelee MDM is not Enough - Parmelee
MDM is not Enough - Parmelee
Prolifics
 
QRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the MouseQRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the Mouse
IBM Security
 
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security
 
10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know
IBM Security
 

Recomendados

Cutting Through the Software License Jungle: Stay Safe and Control Costs
Cutting Through the Software License Jungle: Stay Safe and Control CostsCutting Through the Software License Jungle: Stay Safe and Control Costs
Cutting Through the Software License Jungle: Stay Safe and Control Costs
IBM Security
 
Avoiding the Data Compliance "Hot Seat"
Avoiding the Data Compliance "Hot Seat"Avoiding the Data Compliance "Hot Seat"
Avoiding the Data Compliance "Hot Seat"
IBM Security
 
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & InvestmentThe ROI on Intrusion Prevention: Protecting Both Your Network & Investment
The ROI on Intrusion Prevention: Protecting Both Your Network & Investment
IBM Security
 
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
Protecting Mission-Critical Source Code from Application Security Vulnerabili...Protecting Mission-Critical Source Code from Application Security Vulnerabili...
Protecting Mission-Critical Source Code from Application Security Vulnerabili...
IBM Security
 
MDM is not Enough - Parmelee
MDM is not Enough - Parmelee MDM is not Enough - Parmelee
MDM is not Enough - Parmelee
Prolifics
 
QRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the MouseQRadar & XGS: Stopping Attacks with a Click of the Mouse
QRadar & XGS: Stopping Attacks with a Click of the Mouse
IBM Security
 
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security AppExchange Spotlight: Threat Intelligence & Monitoring Microso...
IBM Security
 
10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know
IBM Security
 
3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them
IBM Security
 
Extending QRadar’s reach and simplifying incident response with BigFix
Extending QRadar’s reach and simplifying incident response with BigFixExtending QRadar’s reach and simplifying incident response with BigFix
Extending QRadar’s reach and simplifying incident response with BigFix
Luigi Delgrosso
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats
IBM Security
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
IBM Security
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
IBM Security
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteThe Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
IBM Security
 
IBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideIBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References Guide
Francisco González Jiménez
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
IBM Security
 
Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?
IBM Security
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
IBM Security
 
Malware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient TruthMalware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient Truth
IBM Security
 
Tolly Report: Stopping Attacks You Can't See
Tolly Report: Stopping Attacks You Can't SeeTolly Report: Stopping Attacks You Can't See
Tolly Report: Stopping Attacks You Can't See
IBM Security
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
IBM Security
 
Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016
IBM Security
 
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksLife on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
IBM Security
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015
IBM Thailand Co Ltd
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
Samuel Kamuli
 
Ibm security products portfolio
Ibm security products portfolioIbm security products portfolio
Ibm security products portfolio
Patrick Bouillaud
 
Attack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack ChainAttack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack Chain
IBM Security
 
IBM MaaS360 with watson
IBM MaaS360 with watsonIBM MaaS360 with watson
IBM MaaS360 with watson
Prime Infoserv
 
IBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM BigFix: Closing the Endpoint Gap Between IT Ops and SecurityIBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM Security
 
IBM Security QRadar
IBM Security QRadar IBM Security QRadar
IBM Security QRadar
Virginia Fernandez
 

Mais conteúdo relacionado

Mais procurados

3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them
IBM Security
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats
IBM Security
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
IBM Security
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
IBM Security
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteThe Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
IBM Security
 
Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?
IBM Security
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
IBM Security
 
Malware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient TruthMalware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient Truth
IBM Security
 
Tolly Report: Stopping Attacks You Can't See
Tolly Report: Stopping Attacks You Can't SeeTolly Report: Stopping Attacks You Can't See
Tolly Report: Stopping Attacks You Can't See
IBM Security
 
Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016
IBM Security
 
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksLife on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
IBM Security
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
Samuel Kamuli
 
Attack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack ChainAttack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack Chain
IBM Security
 

Mais procurados (20)

3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them3 Enablers of Successful Cyber Attacks and How to Thwart Them
3 Enablers of Successful Cyber Attacks and How to Thwart Them
 
Extending QRadar’s reach and simplifying incident response with BigFix
Extending QRadar’s reach and simplifying incident response with BigFixExtending QRadar’s reach and simplifying incident response with BigFix
Extending QRadar’s reach and simplifying incident response with BigFix
 
4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats4 Ways to Build your Immunity to Cyberthreats
4 Ways to Build your Immunity to Cyberthreats
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
 
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive DataX-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
X-Force Threat Intelligence: Fight Insider Threats & Protect Your Sensitive Data
 
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection SuiteThe Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
The Next Stage of Fraud Protection: IBM Security Trusteer Fraud Protection Suite
 
IBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References GuideIBM Security - 2015 - Client References Guide
IBM Security - 2015 - Client References Guide
 
IBM QRadar UBA
IBM QRadar UBA IBM QRadar UBA
IBM QRadar UBA
 
Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?Are Cloud Apps the Invisible Man?
Are Cloud Apps the Invisible Man?
 
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow itCloud security enforcer - Quick steps to avoid the blind spots of shadow it
Cloud security enforcer - Quick steps to avoid the blind spots of shadow it
 
Malware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient TruthMalware on Smartphones and Tablets: The Inconvenient Truth
Malware on Smartphones and Tablets: The Inconvenient Truth
 
Tolly Report: Stopping Attacks You Can't See
Tolly Report: Stopping Attacks You Can't SeeTolly Report: Stopping Attacks You Can't See
Tolly Report: Stopping Attacks You Can't See
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016Recent ECB/ EBA regulations how they will impact European banks in 2016
Recent ECB/ EBA regulations how they will impact European banks in 2016
 
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber AttacksLife on the Endpoint Edge: Winning the Battle Against Cyber Attacks
Life on the Endpoint Edge: Winning the Battle Against Cyber Attacks
 
IBM Security Portfolio - 2015
IBM Security Portfolio - 2015IBM Security Portfolio - 2015
IBM Security Portfolio - 2015
 
Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015Gartner technologies for Infosec 2014-2015
Gartner technologies for Infosec 2014-2015
 
Ibm security products portfolio
Ibm security products portfolioIbm security products portfolio
Ibm security products portfolio
 
Attack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack ChainAttack Autopsy: A Study of the Dynamic Attack Chain
Attack Autopsy: A Study of the Dynamic Attack Chain
 
IBM MaaS360 with watson
IBM MaaS360 with watsonIBM MaaS360 with watson
IBM MaaS360 with watson
 

Destaque

IBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM BigFix: Closing the Endpoint Gap Between IT Ops and SecurityIBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM Security
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach Study
IBM Security
 
Extend Your Market Reach with IBM Security QRadar for MSPs
Extend Your Market Reach with IBM Security QRadar for MSPsExtend Your Market Reach with IBM Security QRadar for MSPs
Extend Your Market Reach with IBM Security QRadar for MSPs
IBM Security
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
IBM Security
 
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network InsightsNowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
IBM Security
 

Destaque (20)

IBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM BigFix: Closing the Endpoint Gap Between IT Ops and SecurityIBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
IBM BigFix: Closing the Endpoint Gap Between IT Ops and Security
 
IBM Security QRadar
IBM Security QRadar IBM Security QRadar
IBM Security QRadar
 
Soraya Ghebleh - Critical Issues In Healthcare Quick Reference Guide #2
Soraya Ghebleh - Critical Issues In Healthcare Quick Reference Guide #2 Soraya Ghebleh - Critical Issues In Healthcare Quick Reference Guide #2
Soraya Ghebleh - Critical Issues In Healthcare Quick Reference Guide #2
 
IBM Security Immune System
IBM Security Immune SystemIBM Security Immune System
IBM Security Immune System
 
Mitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-RadarMitigate attacks with IBM BigFix and Q-Radar
Mitigate attacks with IBM BigFix and Q-Radar
 
Presentation data security solutions certified ibm business partner for ibm...
Presentation data security solutions certified ibm business partner for ibm...Presentation data security solutions certified ibm business partner for ibm...
Presentation data security solutions certified ibm business partner for ibm...
 
IBM Endpoint Manager for Software Use Analysis (Overview)
IBM Endpoint Manager for Software Use Analysis (Overview)IBM Endpoint Manager for Software Use Analysis (Overview)
IBM Endpoint Manager for Software Use Analysis (Overview)
 
IBM Endpoint Manager for Lifecycle Management (Overview)
IBM Endpoint Manager for Lifecycle Management (Overview)IBM Endpoint Manager for Lifecycle Management (Overview)
IBM Endpoint Manager for Lifecycle Management (Overview)
 
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014
 
Synthèse de l'offre logicielle IBM de Sécurité - Nov 2016
Synthèse de l'offre logicielle IBM de Sécurité - Nov 2016 Synthèse de l'offre logicielle IBM de Sécurité - Nov 2016
Synthèse de l'offre logicielle IBM de Sécurité - Nov 2016
 
Soraya Ghebleh - Iranian Land Reform and the 1979 Revolution
Soraya Ghebleh - Iranian Land Reform and the 1979 RevolutionSoraya Ghebleh - Iranian Land Reform and the 1979 Revolution
Soraya Ghebleh - Iranian Land Reform and the 1979 Revolution
 
The 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach StudyThe 2016 Ponemon Cost of a Data Breach Study
The 2016 Ponemon Cost of a Data Breach Study
 
Extend Your Market Reach with IBM Security QRadar for MSPs
Extend Your Market Reach with IBM Security QRadar for MSPsExtend Your Market Reach with IBM Security QRadar for MSPs
Extend Your Market Reach with IBM Security QRadar for MSPs
 
Detect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange PartnersDetect and Respond to Threats Better with IBM Security App Exchange Partners
Detect and Respond to Threats Better with IBM Security App Exchange Partners
 
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
 
Soraya Ghebleh - Defining Disruptive Innovation in Healthcare
Soraya Ghebleh - Defining Disruptive Innovation in HealthcareSoraya Ghebleh - Defining Disruptive Innovation in Healthcare
Soraya Ghebleh - Defining Disruptive Innovation in Healthcare
 
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
Ponemon Institute Reviews Key Findings from “2017 State of Mobile & IoT Appli...
 
IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint IBM Security Software Solutions - Powerpoint
IBM Security Software Solutions - Powerpoint
 
Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017Top 12 Cybersecurity Predictions for 2017
Top 12 Cybersecurity Predictions for 2017
 
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network InsightsNowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
Nowhere to Hide: Expose Threats in Real-time with IBM QRadar Network Insights
 

Semelhante a Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar

What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?
IBM Security
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBs
Jyothi Satyanathan
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
IBM Security
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
IBM Security
 
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
IBM Security
 

Semelhante a Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar (20)

What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?What’s the State of Your Endpoint Security?
What’s the State of Your Endpoint Security?
 
Smart security solutions for SMBs
Smart security solutions for SMBsSmart security solutions for SMBs
Smart security solutions for SMBs
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
Maintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFixMaintaining Continuous Compliance with HCL BigFix
Maintaining Continuous Compliance with HCL BigFix
 
A New Remedy for the Cyber Storm Approaching
A New Remedy for the Cyber Storm ApproachingA New Remedy for the Cyber Storm Approaching
A New Remedy for the Cyber Storm Approaching
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data AnalyticsSecurity Intelligence: Finding and Stopping Attackers with Big Data Analytics
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
 
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
Building a Next-Generation Security Operation Center Based on IBM QRadar and ...
 
Tecnologie a supporto dei controlli di sicurezza fondamentali
Tecnologie a supporto dei controlli di sicurezza fondamentaliTecnologie a supporto dei controlli di sicurezza fondamentali
Tecnologie a supporto dei controlli di sicurezza fondamentali
 
IBM Security Services Overview
IBM Security Services OverviewIBM Security Services Overview
IBM Security Services Overview
 
IBM Security Strategy
IBM Security StrategyIBM Security Strategy
IBM Security Strategy
 
Bordless Breaches and Migrating Malware
Bordless Breaches and Migrating MalwareBordless Breaches and Migrating Malware
Bordless Breaches and Migrating Malware
 
Big Fix Q-Radar Ahmed Sharaf - EmbeddedSecurity.net
Big Fix Q-Radar Ahmed Sharaf - EmbeddedSecurity.netBig Fix Q-Radar Ahmed Sharaf - EmbeddedSecurity.net
Big Fix Q-Radar Ahmed Sharaf - EmbeddedSecurity.net
 
IBM: Cognitive Security Transformation for the Enrgy Sector
IBM: Cognitive Security Transformation for the Enrgy SectorIBM: Cognitive Security Transformation for the Enrgy Sector
IBM: Cognitive Security Transformation for the Enrgy Sector
 
Ibm ofa ottawa_ how_secure_is_your_data_eric_offenberg
Ibm ofa ottawa_ how_secure_is_your_data_eric_offenbergIbm ofa ottawa_ how_secure_is_your_data_eric_offenberg
Ibm ofa ottawa_ how_secure_is_your_data_eric_offenberg
 
Ibm ofa ottawa_ how_secure_is_your_data_eric_offenberg
Ibm ofa ottawa_ how_secure_is_your_data_eric_offenbergIbm ofa ottawa_ how_secure_is_your_data_eric_offenberg
Ibm ofa ottawa_ how_secure_is_your_data_eric_offenberg
 
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
Surviving the Mobile Phenomenon: Protecting Devices without Disrupting the Us...
 
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 20165 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
5 Ways to Get Even More from Your IBM Security QRadar Investment in 2016
 
Why Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t EnoughWhy Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t Enough
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 
IBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence OverviewIBM QRadar Security Intelligence Overview
IBM QRadar Security Intelligence Overview
 

Mais de IBM Security

Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
IBM Security
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
IBM Security
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
IBM Security
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
IBM Security
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
IBM Security
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
IBM Security
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
IBM Security
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
IBM Security
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
IBM Security
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
IBM Security
 

Mais de IBM Security (20)

Automation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOpsAutomation: Embracing the Future of SecOps
Automation: Embracing the Future of SecOps
 
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
Leaders & Laggards: The Latest Findings from the Ponemon Institute’s Study on...
 
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
Bridging the Gap between Privacy and Security: Using Technology to Manage Com...
 
Integrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM ResilientIntegrated Response with v32 of IBM Resilient
Integrated Response with v32 of IBM Resilient
 
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
The Resilient End-of-Year Review: The Top Cyber Security Trends in 2018 and P...
 
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
Leveraging Validated and Community Apps to Build a Versatile and Orchestrated...
 
Accelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon BlackAccelerating SOC Transformation with IBM Resilient and Carbon Black
Accelerating SOC Transformation with IBM Resilient and Carbon Black
 
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent OrchestrationHow to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
How to Build a Faster, Laser-Sharp SOC with Intelligent Orchestration
 
Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?Are You Ready to Move Your IAM to the Cloud?
Are You Ready to Move Your IAM to the Cloud?
 
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat IntelligenceOrchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
Orchestrate Your Security Defenses to Optimize the Impact of Threat Intelligence
 
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
Your Mainframe Environment is a Treasure Trove: Is Your Sensitive Data Protec...
 
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
Meet the New IBM i2 QRadar Offense Investigator App and Start Threat Hunting ...
 
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
Understanding the Impact of Today's Security Breaches: The 2017 Ponemon Cost ...
 
WannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do NowWannaCry Ransomware Attack: What to Do Now
WannaCry Ransomware Attack: What to Do Now
 
How to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security OperationsHow to Improve Threat Detection & Simplify Security Operations
How to Improve Threat Detection & Simplify Security Operations
 
Mobile Vision 2020
Mobile Vision 2020Mobile Vision 2020
Mobile Vision 2020
 
Retail Mobility, Productivity and Security
Retail Mobility, Productivity and SecurityRetail Mobility, Productivity and Security
Retail Mobility, Productivity and Security
 
Close the Loop on Incident Response
Close the Loop on Incident ResponseClose the Loop on Incident Response
Close the Loop on Incident Response
 
Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats Orchestrate Your Security Defenses; Protect Against Insider Threats
Orchestrate Your Security Defenses; Protect Against Insider Threats
 
See How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile MetricsSee How You Measure Up With MaaS360 Mobile Metrics
See How You Measure Up With MaaS360 Mobile Metrics
 

Último

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 

Último (20)

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Don’t Drown in a Sea of Cyberthreats: Mitigate Attacks with IBM BigFix & QRadar

  • 1. © 2015 IBM Corporation Mitigate attacks with IBM BigFix and QRadar Rich Caponigro IBM BigFix Security Product Manager cappy@us.ibm.com Don’t drown in a sea of cyber-threats
  • 2. 2© 2015 IBM Corporation Please Note: !  IBM’s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM’s sole discretion. !  Information regarding potential future products is intended to outline our general product direction and it should not be relied on in making a purchasing decision. !  The information mentioned regarding potential future products is not a commitment, promise, or legal obligation to deliver any material, code or functionality. Information about potential future products may not be incorporated into any contract. !  The development, release, and timing of any future features or functionality described for our products remains at our sole discretion. Performance is based on measurements and projections using standard IBM benchmarks in a controlled environment. The actual throughput or performance that any user will experience will vary depending upon many factors, including considerations such as the amount of multiprogramming in the user’s job stream, the I/O configuration, the storage configuration, and the workload processed. Therefore, no assurance can be given that an individual user will achieve results similar to those stated here.
  • 3. 3© 2015 IBM Corporation Agenda !  Cyber security today !  BigFix and QRadar SIEM tighten endpoint security !  New! - BigFix plus QRadar close the risk management loop !  Q & A
  • 4. 4© 2015 IBM Corporation Complexity Architecture Resources !  Heavy, resource-intensive agent(s) !  Multiple point tools & agents !  Inability to maintain and prove compliance with complex and evolving regulations What Organizations face !  Limited IT budget and staff !  Shortage of qualified personnel !  Unable to scale over widely dispersed locations !  High costs and risks associated with sophisticated threats !  Inability to remediate and report on compliance issues and vulnerabilities across the environment
  • 5. 5© 2015 IBM Corporation Vulnerabilities Will Be Exploited! Source: Verizon Data Breach Investigation Report 2015 Hackers are capitalizing on first few week’s of CVE availability, knowing orgs can’t patch effectively Needed – quick identification, prioritization, and remediation! Almost half of new CVE’s are exploited in the first 4 weeks
  • 6. 6© 2015 IBM Corporation IBM is uniquely positioned to offer integrated threat protection A dynamic, integrated system to disrupt the lifecycle of advanced attacks and prevent loss Open Integrations Global Threat Intelligence Ready for IBM Security Intelligence Ecosystem •  Share security context across multiple products •  100+ vendors, 400+ products IBM Security Network Protection XGS Prevent remote network exploits and limit the use of risky web applications Smarter Prevention Security Intelligence IBM Emergency Response Services Assess impact and plan strategically and leverage experts to analyze data and contain threats Continuous Response IBM X-Force Threat Intelligence Leverage threat intelligence from multiple expert sources IBM Trusteer Apex Endpoint Malware Protection Prevent malware installation and disrupt malware communications IBM Security QRadar Security Intelligence Discover and prioritize vulnerabilities Correlate enterprise-wide threats and detect suspicious behavior IBM Security QRadar Incident Forensics Retrace full attack activity, search for breach indicators and guide defense hardening IBM Guardium Data Activity Monitoring Prevent power user abuse and misuse of sensitive data IBM BigFix Automate and enforce continuous compliance of security and regulatory policies
  • 7. 7© 2015 IBM Corporation QRadar SIEM Embedded intelligence enabling automated offense identification Suspected IncidentsServers and mainframes Data activity Network and virtual activity Application activity Configuration information Security devices Users and identities Vulnerabilities and threats Global threat intelligence Automated Offense Identification •  Unlimited data collection, storage and analysis •  Built in data classification •  Automatic asset, service and user discovery and profiling •  Real-time correlation and threat intelligence •  Activity baselining and anomaly detection •  Detects incidents of the box Embedded Intelligence Prioritized Incidents
  • 8. 8© 2015 IBM Corporation IBM BigFix Bridging the Gap between Security and IT Ops ENDPOINT SECURITY Discovery and Patching Lifecycle Management Software Compliance and Usage Continuous Monitoring Threat Protection Incident Response ENDPOINT MANAGEMENT IBM BigFix® FIND IT. FIX IT. SECURE IT. …FAST Shared visibility and control between IT Operations and Security IT OPERATIONS SECURITY Reduce operational costs while improving your security posture
  • 9. 9© 2015 IBM Corporation Extensive Data Sources Deep Intelligence Exceptionally Accurate and Actionable Insight+   =   "  Near real-time patch feed from BigFix to QRadar Increases vulnerability database accuracy improving offense and risk analytics to limit potential offenses "  Establishes baseline for endpoint states and improves alerting on variations to detect threats "  Represents AV/DLP alerts within consolidated enterprise security view helping correlate advanced threat activities "  Improves compliance reporting with deep endpoint state data BigFix and QRadar tighten endpoint security BigFix  endpoint   deep  intelligence       •  Physical  /  Virtual   •  On/off  network   •  Servers   •  Clients   •  POS,  ATM,  Kiosks      
  • 10. 10© 2015 IBM Corporation BigFix Fixlet status visualized in QRadar 10 Patches Critical Fix Configuration Change Record of who made change
  • 11. 11© 2015 IBM Corporation BigFix vulnerability data stored in QRadar asset database 11
  • 12. 12© 2015 IBM Corporation Complementary capabilities by use case QRadar target use case BigFix complementary capabilities  Advanced threat detection   Full visibility of endpoint activity and state marrying anti-virus, vulnerability information, and configuration data in real-time   Quickly obtain answers to unique queries to understand security incidents   Rapid incident response, such as disabling DLLs being exploited  Malicious activity identification   Guards against full range of malware and scans POP3 email and Microsoft Outlook folders for threats   Cross-reference threats real-time with a large, cloud-based database  User activity monitoring   Enforces security baselines, passcode policies, security configurations, anti-virus policies, patch management, and more  Compliance reporting and monitoring   Provides company-wide reports instantly without polling systems to assess the organization’s security compliance posture   Continuous policy enforcement to help maintain compliance  Fraud detection and data loss prevention   Automatically determines safety of dynamically-rated websites protecting endpoints against web-based malware, data theft, lost productivity and reputation damage   Block or allow data being copied to or sent to a variety of delivery channels
  • 13. 13© 2015 IBM Corporation Coming soon – Closed-loop risk management BigFix Compliance with QRadar Vulnerability Manager and Risk Manager deliver real-time endpoint intelligence for closed-loop risk management IBM QRadarIBM BigFix Real-time endpoint intelligence Network anomaly detection Provides current endpoint status Correlates events and generates alerts Prompts IT staff to fix vulnerabilities •  Improves asset database accuracy •  Strengthens risk assessments •  Enhances compliance reporting •  Accelerates risk prioritization of threats and vulnerabilities •  Increases reach of vulnerability assessment to off-network endpoints Integrated, closed-loop risk management
  • 14. 14© 2015 IBM Corporation IBM BigFix Compliance Using BigFix Compliance, clients get value from: "  Con$nuous  real-­‐$me  enforcement  of  security  policies,  regardless  of  network  connec$on   status  significantly  reduces  overall  security  risk   "  Supports  industry  and  regulatory  compliance  benchmarks  for  best  prac$ce  protec$on   "  Discovery  of  unmanaged  endpoints  and  Automa$c  patch  and  remedia$on  of  non-­‐ compliant  systems  reduces  risk  and  labor  costs   "  Deploy,  update,  and  health  check  3rd-­‐party  Endpoint  Protec$on  solu$ons   "  Policy  based  quaran$ne  of  non-­‐compliant  systems   Lifecycle Inventory Patch Compliance Protection BigFix Platform More than 10,000 heterogeneous platform compliance checks based on best practice regulatory benchmarks from CIS, PCI DSS, DISA STIG, USGCB
  • 15. 15© 2015 IBM Corporation 98% patch and update compliance rate on 4,000+ workstations with 50% reduced labor costs Infirmary Health System Continuous security configuration compliance Accurate, real-time visibility and continuous security configuration enforcement Continuous compliance “set and forget” •  No high-risk periods •  Lower total cost •  Continued improvement •  Identify and report on any configuration drift •  Library of 10,000+ compliance checks (e.g., CIS, PCI, USGCB, DISA STIG) Traditional compliance “out of synch” •  High-risk and cost periods •  Manual approach causes endpoints to fall out of compliance again Traditional versus Continuous Time Compliance ContinuousTraditional RISK SCAP
  • 16. 16© 2015 IBM Corporation QRadar Risk and Vulnerability Management Discovery and Verification Intelligent Context Driven Prioritization Automatic Delegation and Assignments •  Uncovers the weaknesses •  Daily vulnerability and patch updates •  Proven, certified scanning •  Endpoints, assets, device configuration •  Passive and active discovery •  What assets are important ? •  Where are the threats ? •  Who is talking to who ? •  What is blocked and patched already ? •  What is out of compliance ? •  Who needs to action •  What needs to be done •  Missing patches •  Signatures •  Configuration changes Reporting and Alerting •  What needs escalation •  What is in and out of compliance •  Dashboards and reports •  APIs Feedback And Compliance Discovery and verification Intelligent Context driven Prioritization Delegate and assign Updated Posture
  • 17. 17© 2015 IBM Corporation BigFix Compliance plus QRadar Capability BigFix Compliance QRadar Vuln Mgr QRadar Risk Mgr BigFix + QRadar Continuous policy monitoring ü Endpoint ü Network üü Endpoint quarantine / remediation ü ü Vulnerability discovery ü Real-time Windows ü Heterogeneous scan üü Real-time updates Asset discovery ü ü üü Risk analysis / reporting ü CVSS ü Correlated threat üü Real-time updates Closed loop action delegation / assignment üü Vulnerabilities Will Be Exploited! Quick identification, prioritization, and remediation! BigFix plus QRadar address the highest security risks first! High priority risks sent to BigFix for action •  Deeper, timely endpoint data •  Faster remediation of critical risks
  • 18. 18© 2015 IBM Corporation STEP ONE Provide Continuous Insight across all endpoints. INCLUDING off-network laptops STEP FOUR Expedite remediation of ranked vulnerabilities, configuration drift and irregular behavior STEP TWO Enforce Policy Compliance of Security, Regulatory & Operational Mandates. STEP THREE Prioritize vulnerabilities and remediation activities by risk •  QRadar correlates assets & vulnerabilities with real-time security data •  It then sends the prioritized list to BigFix administrators •  Machine Name, OS, IP Address, Malware incidents etc. •  Provides details on physical and virtual servers, PCs, Macs, POS devices, ATMs, kiosks, etc. •  All known CVEs exposed on an endpoint •  Quarantine endpoints until they can be remediated •  Patch or reconfigure endpoints IBM BigFixIBM BigFix IBM BigFix •  BigFix sends vulnerability and patch data to QRadar, automatically ensuring that QRadar's asset database is updated with current data Extending QRadar’s reach and simplifying incident response with BigFix Legend •  Avail Today •  Coming Soon
  • 19. 19© 2015 IBM Corporation BF Compliance endpoint view of QRadar prioritized vulnerabilities Endpoint info QRadar Risk Score CVEs Relevant fixlets Subject to change
  • 20. 20© 2015 IBM Corporation BigFix CVE Action Status Subject to change Action Status
  • 21. 21© 2015 IBM Corporation Prioritized CVE view Subject to change Endpoints affectedCVE ID and risk score
  • 22. 22© 2015 IBM Corporation BigFix / QRadar Integration Use Cases 1. BigFix fixlet and vulnerability status messages passed to QRadar –  Customer value: Actions that occur and vulnerabilities that exists on endpoints can be passed to QRadar for correlation with other security events. BigFix patch status is relayed to QRadar in a very timely fashion and is stored in the asset database. 2. QRadar can generate a list of assets that do not have BigFix installed, showing how many vulnerabilities could be remediated on each asset if BigFix were installed –  Customer value: Rapid identification of rogue or unmanaged assets and improved detection and reaction time. Provides strong case for managing assets with BigFix. 3. QRadar (QVM) assigns high-risk vulnerabilities (i.e. those determined via QRM policies) to BigFix for remediation or quarantine; also allows tracking should an exploit occur –  Customer value: Typical BigFix customers don’t have a way to figure out which patches should be assigned high priority. With this integration, high-risk vulnerabilities could be easily assigned to operations personnel as needed. BigFix administrators gain a way to know which patches should be considered for high priority “out of band” patching, and can initiate remediation immediately. This reduces risk of initial exploit, exploit propagation, and improves productivity. Typical QRadar customers don’t have a way to isolate vulnerable or compromised devices to limit potential exposures. With this integration, high-risk vulnerabilities could be easily isolated form the network allowing only BigFix communications. QRadar administrators gain a way to immediately react to possible exposures and have BigFix Administrators remediate the vulnerability. This reduces risk of initial exploit, exploit propagation, and improves productivity AvailableTodayComingSoon *The  Informa$on  regarding  poten$al  future  products  is  intended  to  outline  our  general  product  direc$on  and  it  should  not  be  relied  on  in  making  a  purchasing  decision.  The  informa$on  men$oned  regarding   poten$al  future  products  is  not  a  commitment,  promise,  or  legal  obliga$on  to  deliver  any  material,  code  or  func$onality.  Informa$on  about  poten$al  future  products  may  not  be  incorporated  into  any  contract.  The   development,  release,  and  $ming  of  any  future  features  or  func$onality  described  for  our  products  remains  at  our  sole  discre$on.   Subject  to  IBM  NDA  
  • 23. 23© 2015 IBM Corporation Endpoint & Threat Focal Points Sales Leaders: •  Anthony Aurigemma, WW Director of E&M Sales aaurigem@us.ibm.com •  Mark Phinick, WW Sales Leader mphinick@us.ibm.com •  Josh Stegall, WW Channel Sales Leader jstegall@us.ibm.com •  Jim Gottardi, NA Sales Leader Jim.Gottardi@us.ibm.com •  Teng Sherng Lim (T.S.), AP Sales Leader limtsh@sg.ibm.com •  John Seyerle, EU Sales Leader JSEY@ch.ibm.com Technical Leaders & Product Management: •  Jim Brennan, Dir, Product Mgt & Strategy jim.brennan@us.ibm.com •  Murtuza Choilawala, Pgm Director, PM & Strategy murtuza@us.ibm.com •  Rich Caponigro, BigFix Compliance PM cappy@us.ibm.com •  Lee Wei, WW Technical Sales Leader leewei@us.ibm.com •  Alex Donatelli, CTO for Endpoint Security alex.donatelli@it.ibm.com –  George Mina, Product Marketing geemin11@us.ibm.com –  Rohan Ramesh, Product Marketing rohanr@ca.ibm.com –  Mark Taggart, WW Sales Empowerment mttaggar@us.ibm.com Key Contacts
  • 24. 24© 2015 IBM Corporation Website: www.bigfix.com Twitter: @IBMBigFix
  • 25. © Copyright IBM Corporation 2015. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOU www.ibm.com/security