SlideShare uma empresa Scribd logo

SIEM & IAM

Getting value from IoT, Integration and Data Analytics
Getting value from IoT, Integration and Data Analytics

Deze presentatie gaat over de integratie van SIEM (Security Incident en Event Management) en IAM (Identity en Access Management). SIEM geeft inzicht in de activiteiten van gebruikers, maar ontbeert de kennis van access en entitlement policies om beveiligingsincidenten in hun context te kunnen plaatsen. IAM heeft juist veel kennis van access en entitlement policies maar biedt geen goed inzicht in de daadwerkelijke activiteiten van gebruikers. Een goede integratie van deze twee technologieën stelt SIEM in staat de juiste exception monitoring te doen en IAM om op basis van handelingen van gebruikers Access en Entitlement Policies scherper bij te stellen en af te dwingen.

Tecnologia
1 de 13
Identity & Access Management Congres, Heliview André van Winssen, 28 mei 2013 SIEM & IAM
2 Who am I • André van Winssen • 20+ years in IT • Oracle and Security consultant • Sometimes too involved in application projects – but then I don’t mind
Company profile • Actief vanaf 1991 • Financieel gezond • 95 medewerkers • + 100 projecten succesvol • + 1000 jr Oracle en Java kennis • 3 ACE Directors en 2 ACEs aan boord • 2 Agile Masters • Oracle Platinum partner – Database - BPM – SOA - OEM – ADF - Webcenter
4 • The Changing Enterprise Security Model • Current IT initiatives
5 SIEM • SIM - Security Information Management – Analysis & compliance reporting of log data – Long term storage of this information • SEM - Security Event Management – Real-time analysis, monitoring & notification – Networks, security-devices, systems, applications, databases • SIEM - Security Information & Event Management – Compliance – Threat Management – Incident Response
6 SIEM strength • User activity • Access monitoring • Collection of critical log data • Identification of IS threats & responses • Broad based monitoring of security events
7 IAM • Identity Access Management • Initiate, capture, record, manage – User identities – Access permissions • IAM Policy describes – How to Authenticate – Authorizations – What to Audit
8 IAM strength • Acces control – Applications & Data • Entitlement management – Fine-grained access to • Structured/unstructured data, devices & services • User and role provisioning – Provision & deprovision – Role engineering/role mining • Context based – Circumstantial factors (time, IP, application)
9 Technology integration • SIEM consumes IAM data – For exception monitoring it needs some IAM policy context • IAM consumes SIEM data – Adjust access when SIEM detects abuse of privileges • Security intelligence
10 Technology integration • Self-integrated – Enterprise Integrated – Combine best of breed – a point solution • Vendor integrated – Platform approach – Burden of integration to vendor – More value for money
11 Oracle • Where is Oracle in SIEM-IAM integration? – Ad hoc interfacing IAM audit data with SIEM • FMW audit framework • Database auditing • Oracle API gateway • Oracle Platform Security Services • Oracle Database Firewall Integration with Arcsight SIEM • Adaptive Access management • real-time (online) and batch (offline) risk analytics • Automated behavioral profiler • Configurable decision engine (for non-IT personnel) • Device fingerprinting
12 Q & A
SIEM & IAM

Recomendados

Cloud Migration, Application Modernization, and Security
Cloud Migration, Application Modernization, and Security Cloud Migration, Application Modernization, and Security
Cloud Migration, Application Modernization, and Security Tom Laszewski
 
Best Practices for Architecting in the Cloud - Jeff Barr
Best Practices for Architecting in the Cloud - Jeff BarrBest Practices for Architecting in the Cloud - Jeff Barr
Best Practices for Architecting in the Cloud - Jeff BarrAmazon Web Services
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceShankar Subramaniyan
 
How to create a User Defined Policy with IBM APIc (v10)
How to create a User Defined Policy with IBM APIc (v10)How to create a User Defined Policy with IBM APIc (v10)
How to create a User Defined Policy with IBM APIc (v10)Shiu-Fun Poon
 
Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Radhakrishnan Govindan
 
Azure Logic Apps
Azure Logic AppsAzure Logic Apps
Azure Logic AppsBizTalk360
 
Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessForgeRock
 

Recomendados

Cloud Migration, Application Modernization, and Security
Cloud Migration, Application Modernization, and Security Cloud Migration, Application Modernization, and Security
Cloud Migration, Application Modernization, and Security Tom Laszewski
 
Best Practices for Architecting in the Cloud - Jeff Barr
Best Practices for Architecting in the Cloud - Jeff BarrBest Practices for Architecting in the Cloud - Jeff Barr
Best Practices for Architecting in the Cloud - Jeff BarrAmazon Web Services
 
Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Identity and Access Management (IAM): Benefits and Best Practices 
Identity and Access Management (IAM): Benefits and Best Practices Veritis Group, Inc
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security GovernanceShankar Subramaniyan
 
How to create a User Defined Policy with IBM APIc (v10)
How to create a User Defined Policy with IBM APIc (v10)How to create a User Defined Policy with IBM APIc (v10)
How to create a User Defined Policy with IBM APIc (v10)Shiu-Fun Poon
 
Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Overview of Microsoft Enterprise Mobility & Security(EMS)
Overview of Microsoft Enterprise Mobility & Security(EMS)Radhakrishnan Govindan
 
Azure Logic Apps
Azure Logic AppsAzure Logic Apps
Azure Logic AppsBizTalk360
 
Developing an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessDeveloping an IAM Roadmap that Fits Your Business
Developing an IAM Roadmap that Fits Your BusinessForgeRock
 
IBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Sverige
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access managementVandana Verma
 
Building APIs with Amazon API Gateway
Building APIs with Amazon API GatewayBuilding APIs with Amazon API Gateway
Building APIs with Amazon API GatewayAmazon Web Services
 
System Center Configuration Manager-The Most Popular System Center Component
System Center Configuration Manager-The Most Popular System Center Component System Center Configuration Manager-The Most Popular System Center Component
System Center Configuration Manager-The Most Popular System Center Component C/D/H Technology Consultants
 
App Modernisation with Microsoft Azure
App Modernisation with Microsoft AzureApp Modernisation with Microsoft Azure
App Modernisation with Microsoft AzureAdam Stephensen
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementGovernment Technology Exhibition and Conference
 
Where to Begin? Application Portfolio Migration
Where to Begin? Application Portfolio MigrationWhere to Begin? Application Portfolio Migration
Where to Begin? Application Portfolio MigrationAmazon Web Services
 
Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...
Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...
Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...Amazon Web Services
 
Data Protection in Transit and at Rest
Data Protection in Transit and at RestData Protection in Transit and at Rest
Data Protection in Transit and at RestAmazon Web Services
 
DCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at NetflixDCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at NetflixDocker, Inc.
 
Application Migrations
Application MigrationsApplication Migrations
Application MigrationsAmazon Web Services
 
Building an API Security Strategy
Building an API Security StrategyBuilding an API Security Strategy
Building an API Security StrategySmartBear
 
M365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skusM365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skusSpencerLuke2
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsJohn Bauer
 
Cloud Migration: Moving Data and Infrastructure to the Cloud
Cloud Migration: Moving Data and Infrastructure to the CloudCloud Migration: Moving Data and Infrastructure to the Cloud
Cloud Migration: Moving Data and Infrastructure to the CloudSafe Software
 
App Modernization with Microsoft Azure
App Modernization with Microsoft AzureApp Modernization with Microsoft Azure
App Modernization with Microsoft AzureMicrosoft Tech Community
 
App Dynamics
App DynamicsApp Dynamics
App DynamicsDealmaker Media
 
Getting Started with Amazon Inspector
Getting Started with Amazon InspectorGetting Started with Amazon Inspector
Getting Started with Amazon InspectorAmazon Web Services
 
Getting Started with AWS Database Migration Service
Getting Started with AWS Database Migration ServiceGetting Started with AWS Database Migration Service
Getting Started with AWS Database Migration ServiceAmazon Web Services
 
APIC/DataPower security
APIC/DataPower securityAPIC/DataPower security
APIC/DataPower securityShiu-Fun Poon
 
SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0Rasmi Swain
 
A Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterA Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterForgeRock
 

Mais conteúdo relacionado

Mais procurados

IBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Sverige
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access managementVandana Verma
 
Building APIs with Amazon API Gateway
Building APIs with Amazon API GatewayBuilding APIs with Amazon API Gateway
Building APIs with Amazon API GatewayAmazon Web Services
 
System Center Configuration Manager-The Most Popular System Center Component
System Center Configuration Manager-The Most Popular System Center Component System Center Configuration Manager-The Most Popular System Center Component
System Center Configuration Manager-The Most Popular System Center Component C/D/H Technology Consultants
 
App Modernisation with Microsoft Azure
App Modernisation with Microsoft AzureApp Modernisation with Microsoft Azure
App Modernisation with Microsoft AzureAdam Stephensen
 
Where to Begin? Application Portfolio Migration
Where to Begin? Application Portfolio MigrationWhere to Begin? Application Portfolio Migration
Where to Begin? Application Portfolio MigrationAmazon Web Services
 
Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...
Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...
Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...Amazon Web Services
 
Data Protection in Transit and at Rest
Data Protection in Transit and at RestData Protection in Transit and at Rest
Data Protection in Transit and at RestAmazon Web Services
 
DCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at NetflixDCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at NetflixDocker, Inc.
 
Building an API Security Strategy
Building an API Security StrategyBuilding an API Security Strategy
Building an API Security StrategySmartBear
 
M365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skusM365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skusSpencerLuke2
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsJohn Bauer
 
Cloud Migration: Moving Data and Infrastructure to the Cloud
Cloud Migration: Moving Data and Infrastructure to the CloudCloud Migration: Moving Data and Infrastructure to the Cloud
Cloud Migration: Moving Data and Infrastructure to the CloudSafe Software
 
Getting Started with Amazon Inspector
Getting Started with Amazon InspectorGetting Started with Amazon Inspector
Getting Started with Amazon InspectorAmazon Web Services
 
Getting Started with AWS Database Migration Service
Getting Started with AWS Database Migration ServiceGetting Started with AWS Database Migration Service
Getting Started with AWS Database Migration ServiceAmazon Web Services
 
APIC/DataPower security
APIC/DataPower securityAPIC/DataPower security
APIC/DataPower securityShiu-Fun Poon
 

Mais procurados (20)

IBM Security Identity & Access Manager
IBM Security Identity & Access ManagerIBM Security Identity & Access Manager
IBM Security Identity & Access Manager
 
Identity & access management
Identity & access managementIdentity & access management
Identity & access management
 
Building APIs with Amazon API Gateway
Building APIs with Amazon API GatewayBuilding APIs with Amazon API Gateway
Building APIs with Amazon API Gateway
 
System Center Configuration Manager-The Most Popular System Center Component
System Center Configuration Manager-The Most Popular System Center Component System Center Configuration Manager-The Most Popular System Center Component
System Center Configuration Manager-The Most Popular System Center Component
 
App Modernisation with Microsoft Azure
App Modernisation with Microsoft AzureApp Modernisation with Microsoft Azure
App Modernisation with Microsoft Azure
 
Building Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access ManagementBuilding Your Roadmap Sucessful Identity And Access Management
Building Your Roadmap Sucessful Identity And Access Management
 
Where to Begin? Application Portfolio Migration
Where to Begin? Application Portfolio MigrationWhere to Begin? Application Portfolio Migration
Where to Begin? Application Portfolio Migration
 
Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...
Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...
Decouple and Scale Applications Using Amazon SQS and Amazon SNS - July 2017 A...
 
Data Protection in Transit and at Rest
Data Protection in Transit and at RestData Protection in Transit and at Rest
Data Protection in Transit and at Rest
 
DCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at NetflixDCSF19 Container Security: Theory & Practice at Netflix
DCSF19 Container Security: Theory & Practice at Netflix
 
Application Migrations
Application MigrationsApplication Migrations
Application Migrations
 
Building an API Security Strategy
Building an API Security StrategyBuilding an API Security Strategy
Building an API Security Strategy
 
M365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skusM365 e3 and identity and threat protection and compliance new skus
M365 e3 and identity and threat protection and compliance new skus
 
SSO Strategy Implementation Considerations
SSO Strategy Implementation ConsiderationsSSO Strategy Implementation Considerations
SSO Strategy Implementation Considerations
 
Cloud Migration: Moving Data and Infrastructure to the Cloud
Cloud Migration: Moving Data and Infrastructure to the CloudCloud Migration: Moving Data and Infrastructure to the Cloud
Cloud Migration: Moving Data and Infrastructure to the Cloud
 
App Modernization with Microsoft Azure
App Modernization with Microsoft AzureApp Modernization with Microsoft Azure
App Modernization with Microsoft Azure
 
App Dynamics
App DynamicsApp Dynamics
App Dynamics
 
Getting Started with Amazon Inspector
Getting Started with Amazon InspectorGetting Started with Amazon Inspector
Getting Started with Amazon Inspector
 
Getting Started with AWS Database Migration Service
Getting Started with AWS Database Migration ServiceGetting Started with AWS Database Migration Service
Getting Started with AWS Database Migration Service
 
APIC/DataPower security
APIC/DataPower securityAPIC/DataPower security
APIC/DataPower security
 

Semelhante a SIEM & IAM

SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0Rasmi Swain
 
A Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterA Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterForgeRock
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsTechcello
 
Build Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSBuild Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSLahav Savir
 
Spider & F5 Round Table - Secure the Cloud Data Center with eMind
Spider & F5 Round Table - Secure the Cloud Data Center with eMindSpider & F5 Round Table - Secure the Cloud Data Center with eMind
Spider & F5 Round Table - Secure the Cloud Data Center with eMindTzoori Tamam
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM MaturityJerod Brennen
 
Why You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudWhy You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudAmazon Web Services
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applicationskanimozhin
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloudAjay Rathi
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlAlgoSec
 
Protecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetProtecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetPerforce
 
Big Data For Threat Detection & Response
Big Data For Threat Detection & ResponseBig Data For Threat Detection & Response
Big Data For Threat Detection & ResponseHarry McLaren
 
Security Monitoring Course - Ali Ahangari
Security Monitoring Course - Ali AhangariSecurity Monitoring Course - Ali Ahangari
Security Monitoring Course - Ali AhangariAli Ahangari
 
IBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter MostIBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter MostPrecisely
 

Semelhante a SIEM & IAM (20)

SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0SIEM enabled risk management , SOC and GRC v1.0
SIEM enabled risk management , SOC and GRC v1.0
 
A Study in Borderless Over Perimeter
A Study in Borderless Over PerimeterA Study in Borderless Over Perimeter
A Study in Borderless Over Perimeter
 
Cyber Security Needs and Challenges
Cyber Security Needs and ChallengesCyber Security Needs and Challenges
Cyber Security Needs and Challenges
 
Security Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS ApplicationsSecurity Architecture Best Practices for SaaS Applications
Security Architecture Best Practices for SaaS Applications
 
Aujas Cyber Security
Aujas Cyber SecurityAujas Cyber Security
Aujas Cyber Security
 
Build Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWSBuild Secure Cloud Solution using F5 BIG-IP on AWS
Build Secure Cloud Solution using F5 BIG-IP on AWS
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
 
Spider & F5 Round Table - Secure the Cloud Data Center with eMind
Spider & F5 Round Table - Secure the Cloud Data Center with eMindSpider & F5 Round Table - Secure the Cloud Data Center with eMind
Spider & F5 Round Table - Secure the Cloud Data Center with eMind
 
The Path to IAM Maturity
The Path to IAM MaturityThe Path to IAM Maturity
The Path to IAM Maturity
 
Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019Identiverse Zero Trust Customer Briefing, Identiverse 2019
Identiverse Zero Trust Customer Briefing, Identiverse 2019
 
Why You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudWhy You Are Secure in the AWS Cloud
Why You Are Secure in the AWS Cloud
 
Security architecture best practices for saas applications
Security architecture best practices for saas applicationsSecurity architecture best practices for saas applications
Security architecture best practices for saas applications
 
AWS Cloud Security
AWS Cloud SecurityAWS Cloud Security
AWS Cloud Security
 
security and compliance in the cloud
security and compliance in the cloudsecurity and compliance in the cloud
security and compliance in the cloud
 
Security Change Management: Agility vs. Control
Security Change Management: Agility vs. ControlSecurity Change Management: Agility vs. Control
Security Change Management: Agility vs. Control
 
SORT OUT YOUR SIEM
SORT OUT YOUR SIEMSORT OUT YOUR SIEM
SORT OUT YOUR SIEM
 
Protecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and IntersetProtecting Your IP with Perforce Helix and Interset
Protecting Your IP with Perforce Helix and Interset
 
Big Data For Threat Detection & Response
Big Data For Threat Detection & ResponseBig Data For Threat Detection & Response
Big Data For Threat Detection & Response
 
Security Monitoring Course - Ali Ahangari
Security Monitoring Course - Ali AhangariSecurity Monitoring Course - Ali Ahangari
Security Monitoring Course - Ali Ahangari
 
IBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter MostIBM i Security: Identifying the Events That Matter Most
IBM i Security: Identifying the Events That Matter Most
 

Mais de Getting value from IoT, Integration and Data Analytics

Mais de Getting value from IoT, Integration and Data Analytics (20)

AMIS Oracle OpenWorld en Code One Review 2018 - Blockchain, Integration, Serv...
AMIS Oracle OpenWorld en Code One Review 2018 - Blockchain, Integration, Serv...AMIS Oracle OpenWorld en Code One Review 2018 - Blockchain, Integration, Serv...
AMIS Oracle OpenWorld en Code One Review 2018 - Blockchain, Integration, Serv...
 
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: Custom Application ...
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: Custom Application ...AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: Custom Application ...
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: Custom Application ...
 
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: SaaS
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: SaaSAMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: SaaS
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 2: SaaS
 
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Data
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: DataAMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Data
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Data
 
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Cloud Infrastructure
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Cloud Infrastructure AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Cloud Infrastructure
AMIS Oracle OpenWorld en Code One Review 2018 - Pillar 1: Cloud Infrastructure
 
10 tips voor verbetering in je Linkedin profiel
10 tips voor verbetering in je Linkedin profiel10 tips voor verbetering in je Linkedin profiel
10 tips voor verbetering in je Linkedin profiel
 
Iot in de zorg the next step - fit for purpose
Iot in de zorg the next step - fit for purpose Iot in de zorg the next step - fit for purpose
Iot in de zorg the next step - fit for purpose
 
Iot overview .. Best practices and lessons learned by Conclusion Conenct
Iot overview .. Best practices and lessons learned by Conclusion Conenct Iot overview .. Best practices and lessons learned by Conclusion Conenct
Iot overview .. Best practices and lessons learned by Conclusion Conenct
 
IoT Fit for purpose - how to be successful in IOT Conclusion Connect
IoT Fit for purpose - how to be successful in IOT Conclusion Connect IoT Fit for purpose - how to be successful in IOT Conclusion Connect
IoT Fit for purpose - how to be successful in IOT Conclusion Connect
 
Industry and IOT Overview of protocols and best practices Conclusion Connect
Industry and IOT Overview of protocols and best practices Conclusion ConnectIndustry and IOT Overview of protocols and best practices Conclusion Connect
Industry and IOT Overview of protocols and best practices Conclusion Connect
 
IoT practical case using the people counter sensing traffic density build usi...
IoT practical case using the people counter sensing traffic density build usi...IoT practical case using the people counter sensing traffic density build usi...
IoT practical case using the people counter sensing traffic density build usi...
 
R introduction decision_trees
R introduction decision_treesR introduction decision_trees
R introduction decision_trees
 
Introduction overviewmachinelearning sig Door Lucas Jellema
Introduction overviewmachinelearning sig Door Lucas JellemaIntroduction overviewmachinelearning sig Door Lucas Jellema
Introduction overviewmachinelearning sig Door Lucas Jellema
 
IoT and the Future of work
IoT and the Future of work IoT and the Future of work
IoT and the Future of work
 
Oracle OpenWorld 2017 Review (31st October 2017 - 250 slides)
Oracle OpenWorld 2017 Review (31st October 2017 - 250 slides)Oracle OpenWorld 2017 Review (31st October 2017 - 250 slides)
Oracle OpenWorld 2017 Review (31st October 2017 - 250 slides)
 
Ethereum smart contracts - door Peter Reitsma
Ethereum smart contracts - door Peter ReitsmaEthereum smart contracts - door Peter Reitsma
Ethereum smart contracts - door Peter Reitsma
 
Blockchain - Techniek en usecases door Robert van Molken - AMIS - Conclusion
Blockchain - Techniek en usecases door Robert van Molken - AMIS - ConclusionBlockchain - Techniek en usecases door Robert van Molken - AMIS - Conclusion
Blockchain - Techniek en usecases door Robert van Molken - AMIS - Conclusion
 
kennissessie blockchain - Wat is Blockchain en smart contracts @Conclusion
kennissessie blockchain - Wat is Blockchain en smart contracts @Conclusion kennissessie blockchain - Wat is Blockchain en smart contracts @Conclusion
kennissessie blockchain - Wat is Blockchain en smart contracts @Conclusion
 
Internet of Things propositie - Enterprise IOT - AMIS - Conclusion
Internet of Things propositie - Enterprise IOT - AMIS - Conclusion Internet of Things propositie - Enterprise IOT - AMIS - Conclusion
Internet of Things propositie - Enterprise IOT - AMIS - Conclusion
 
Omc AMIS evenement 26012017 Dennis van Soest
Omc AMIS evenement 26012017 Dennis van SoestOmc AMIS evenement 26012017 Dennis van Soest
Omc AMIS evenement 26012017 Dennis van Soest
 

Último

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 

Último (20)

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 

SIEM & IAM

  • 1. Identity & Access Management Congres, Heliview André van Winssen, 28 mei 2013 SIEM & IAM
  • 2. 2 Who am I • André van Winssen • 20+ years in IT • Oracle and Security consultant • Sometimes too involved in application projects – but then I don’t mind
  • 3. Company profile • Actief vanaf 1991 • Financieel gezond • 95 medewerkers • + 100 projecten succesvol • + 1000 jr Oracle en Java kennis • 3 ACE Directors en 2 ACEs aan boord • 2 Agile Masters • Oracle Platinum partner – Database - BPM – SOA - OEM – ADF - Webcenter
  • 4. 4 • The Changing Enterprise Security Model • Current IT initiatives
  • 5. 5 SIEM • SIM - Security Information Management – Analysis & compliance reporting of log data – Long term storage of this information • SEM - Security Event Management – Real-time analysis, monitoring & notification – Networks, security-devices, systems, applications, databases • SIEM - Security Information & Event Management – Compliance – Threat Management – Incident Response
  • 6. 6 SIEM strength • User activity • Access monitoring • Collection of critical log data • Identification of IS threats & responses • Broad based monitoring of security events
  • 7. 7 IAM • Identity Access Management • Initiate, capture, record, manage – User identities – Access permissions • IAM Policy describes – How to Authenticate – Authorizations – What to Audit
  • 8. 8 IAM strength • Acces control – Applications & Data • Entitlement management – Fine-grained access to • Structured/unstructured data, devices & services • User and role provisioning – Provision & deprovision – Role engineering/role mining • Context based – Circumstantial factors (time, IP, application)
  • 9. 9 Technology integration • SIEM consumes IAM data – For exception monitoring it needs some IAM policy context • IAM consumes SIEM data – Adjust access when SIEM detects abuse of privileges • Security intelligence
  • 10. 10 Technology integration • Self-integrated – Enterprise Integrated – Combine best of breed – a point solution • Vendor integrated – Platform approach – Burden of integration to vendor – More value for money
  • 11. 11 Oracle • Where is Oracle in SIEM-IAM integration? – Ad hoc interfacing IAM audit data with SIEM • FMW audit framework • Database auditing • Oracle API gateway • Oracle Platform Security Services • Oracle Database Firewall Integration with Arcsight SIEM • Adaptive Access management • real-time (online) and batch (offline) risk analytics • Automated behavioral profiler • Configurable decision engine (for non-IT personnel) • Device fingerprinting