SlideShare uma empresa Scribd logo

Nuix Incident Response: Explore the big picture to respond faster

Transferir como PPTX, PDF
Tryzens
Tryzens

- Nuix incident response provides advanced technology and experience in cybersecurity investigations to help organizations respond faster to incidents. - The Nuix Engine allows extraction of text and metadata from hundreds of file types and performs powerful filtering, searching, and discovery across evidence items. - Case studies demonstrate Nuix's ability to rapidly analyze large datasets, such as ingesting over 10 million items in under two hours and discovering a SQL injection attack through log file analysis in just a few minutes.

Software
1 de 48
© Voodoo Technology Ltd CYBER SECURITY EVERYTHING YOU NEED TO KNOW
© Voodoo Technology Ltd 2015 DATA-CENTRIC CYBER SOLUTIONS Voodoo Technology Limited Paul Scully, Director of Global Sales
© Voodoo Technology Ltd CYBER SECURITY: The Market Need SOURCE: ISACA CYBER CSX REPORT • Cybersecurity is a top global concern. 82% of enterprises expect to experience a cyber incident in 2015 • More than 35% are unable to fill open cybersecurity positions • 69% say certification is required for cybersecurity jobs • 33% say qualified candidates have hands-on experience • 46% say technical skills are needed • There is a cybersecurity skills crisis: 1 million unfilled jobs (source: Cisco) The research is clear. Cybersecurity has evolved from critical topic into a public safety issue
© Voodoo Technology Ltd DATA LIFECYCLE - Understand and prepare - Discover & classify - Investigate and respond CYBER SECURITY SOLUTIONS - Fill compliance gaps - Improve protection of sensitive data - Strengthen overall security posture COMPLIANCE AND RISK MANAGEMENT - Comply with regulations - Improve data governance - Establish a security baseline CYBER SECURITY: What We Do Integrated, automated and sustainable security and compliance. Automate & Operationalise
© Voodoo Technology Ltd CYBER SECURITY: Aligned with Business Needs Strategy  Security is a business priority aligned with the enterprise’s goals  Focus on innovation  Respond proactively to major changes to the threat landscape Technology  Embrace new and disruptive security technologies as part of the strategy Governance  Open communications with CEOs and corporate boards
© Voodoo Technology Ltd CYBER SECURITY: who we do it for VOODOOTEC
© Voodoo Technology Ltd Any Questions • Data-Centric Cyber Solutions
© Voodoo Technology Ltd SECURE ISLANDS
© Voodoo Technology Ltd Information Protection for the Borderless Enterprise Chris Rees UK Regional Sales Manager
© Voodoo Technology Ltd Secure Islands at a Glance • Leader in Information Protection & Control (IPC) • Introduced IQProtector™ in 2010 • Offices in US, UK, Germany, Switzerland, Israel • Strategic OEM agreement with HP • Patented, field-proven technology
© Voodoo Technology Ltd Select Customers Global 500 companies • Financial • Legal • Manufacturing • Retail • Energy • Telecommunications
© Voodoo Technology Ltd The threat vectors 13 Cyber Attacks Partners / OffshorePrivileged Users & Cloud Providers The Insider Threat Users & Devices Applications Storage AS SOON AS A DOCUMENT IS CREATED – IT IS EXPOSED
© Voodoo Technology Ltd The threat vectors 14 Cyber Attacks Partners / OffshorePrivileged Users & Cloud Providers The Insider Threat Users & Devices Applications Storage The Perimeter is Gone and No Longer Provides Protection AS SOON AS A DOCUMENT IS CREATED – IT IS EXPOSED
© Voodoo Technology Ltd The Perimeter is Gone & No Longer Provides Protection The threat vectors 15 AS SOON AS A DOCUMENT IS CREATED – IT IS EXPOSED Cyber Attacks Partners / OffshorePrivileged Users & Cloud Providers The Insider Threat Users & Devices Applications Storage The Perimeter is Gone and Can No Longer Be Protected Data Immunization At The Point of Creation Makes the Threat Irrelevant
© Voodoo Technology Ltd What is Active Data Immunization? Into the Data At The Point of Creation Policy Classification & Tagging Encryption Permission Usage Tracking
© Voodoo Technology Ltd Immunize files upon creation from any source Data generated by Apps & web Data used on devices in Office & mail apps Data stored & shared on/off premise Data used & at rest on repositories
© Voodoo Technology Ltd 100% Accurate classification – upon creation 18 DETERMINISTIC CLASSIFICATION & PROTECTION BASED ON SOURCE, CONTEXT AND CONTENT Data generated by Apps & web Data used on devices in Office & mail apps Data stored & shared via the Cloud Data used & at rest on repositories
© Voodoo Technology Ltd Data classification examples 19 Intercept Files At the Source, Upon Creation Finance Advisor Financial Report from SAP Salesforce Report Files copied to the M&A folder in Share Point Online Customers’ ID Patterns
© Voodoo Technology Ltd Encrypt all file types 20 User  Enhance Microsoft RMS  Encrypt ALL file types  Use encrypted file in its native app  Enforce usage-rights when using the file Seamless use & enforcement of usage rights for any file on any app
© Voodoo Technology Ltd Secure Collaboration 21 User  Collaborate securely using encrypted data  Collaborate securely using encrypted communications  Fully audited & controlled data decryption, if required Simple & secure collaboration – with anyone and on any device
© Voodoo Technology Ltd IQProtector™ Solution Components DATA INTERCEPTORS APPS & CLOUD INTERCEPTORS DATA SCANNERS & BRIDGE MANAGEMENT SERVER & CONSOLE IQPROTECTOR FOR ENDPOINT SERVER MOBILE
© Voodoo Technology Ltd To Summarize
© Voodoo Technology Ltd 24 Securely, Between peers, partners & applicationsCollaborat e 3 Without affecting IT processesStorage4 Enriching data management retention & searchArchive5 Enforce usage rights of all file formats - on native appsConsume2 Deterministic classification & protection at the sourceCreate1 Immunize your data from the point of creation, throughout its entire lifecycle
© Voodoo Technology Ltd www.secureislands.com
© Voodoo Technology Ltd
© Voodoo Technology Ltd Nuix Incident Response Explore the big picture to respond faster Nuix Incident Response Explore the big picture to respond faster
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 2813 May, 2015 Why are we here? It’s complicated!Why are we here? It’s complicated!
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 2913 May, 2015 The patented Nuix Engine is a technological leap ahead of other vendors. It offers: • Massively parallel processing – faster than any other technology • Forensic precision – more files processed, none left behind • Complex containers – transparency into the formats where enterprises store most of their human-generated data This allows you to gain fast, pinpoint accurate identification and investigation of any data. Systems and methods for load-balancing by secondary processors in parallel document indexing Sitsky & Sheehy US Patent – 8,359,365 B2 Why is Nuix different?Why is Nuix different?
© Voodoo Technology Ltd Nuix Incident Response: Summary • Advanced technology, unmatched scalability and deep experience in cybersecurity and investigations – We can change the way organizations tackle cybersecurity incidents. – We can reduce the gap between incident detection & remediation. – We can provide deep and rapid insights into the scope of a breach and the path to resolution. – We can build and apply intelligence. – We can train and empower your cybersecurity and investigation teams. – We can evolve to meet new challenges. Nuix Incident Response: Summary
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 3113 May, 2015 Data => Information => IntelligenceData => Information => Intelligence
© Voodoo Technology Ltd Extract text and metadata from 100s of different file types Email & Loose Files Incident Response Misc. Microsoft: • EDB, STM, EWS (Microsoft Exchange) • PST, OST (Microsoft Outlook storage files) • MSG (Microsoft Outlook single mail files) Lotus: • NSF (Lotus Notes / Domino) Misc. Other: • MBOX, DBX, MBX (Microsoft Outlook Express) • EML, EMLX, BOX, SML • Webmail – HTML Scraped from browser cache Document Types: • HTML , Plain text, RTF, PDF • DOCX, DOC, DOT (Microsoft Word) • XLSX, XLS, XLT (Microsoft Excel) • PPTX, PPT, POT, PPS (Microsoft PowerPoint) • WKS, XLR (Microsoft Works spreadsheets) Image Types: • PNG, JPEG, JP2, TIFF, GIF, BMP, PBM, PPM, PGM, RAW, WBMP, WMF, WMZ, EMF, EMZ Forensic Image Files: • Encase Images (E01, L01) • Access Data (AD1) • Linux DD Files • Mobile Images (Cellebrite / XRY / Oxygen) Log Files: • Windows Event Logs (EVT/EVTX) • Web Logs (IIS, Apache) • Firewall & FTP Logs • Logstash Output Network Captures: • PCAP Files System Files: • EXE/DLLs • LNK, Prefetch & Jump List Files • Windows Registry Hives inc. decoding File System Artifacts: • $LogFile, $UserJrml, Object ID • Apple property lists • Carving from unallocated & file slack Fuzzy Hashing - SSDeep Structured Data: • MS SQL (Live & MDF/LDF are text stripped) • SQLLite Browser & Cloud Artifacts: • IE, Safari, Chrome, Firefox • Dropbox, AWS Container Files • ZIP, RAR, LZH, LHA, ARC, TAR, GZ, BZ2, ISO Virtual Machine Images • VDK, VMDK (Virtual Disk Images) • Parallels Archive Systems • EMC EmailXtender (*.emx)/Source One • Symantec 2007, 8, 9, 10 • HP EAS DMS Systems: • MS SharePoint Unknown File Types: • Unknown file types are text stripped. Extract text and metadata from 100s of different file types
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 3313 May, 2015 Search, Discovery and AnalyticsSearch, Discovery and Analytics
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 3413 May, 2015 Incident Response DemandsIncident Response Demands
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 3513 May, 2015 • Insider Threat is costly and damaging to any organization and is often overlooked – One-third of cybercrime incidents involve insiders* – Nearly 50% of organizations say insider breaches are more damaging than those by outsiders* – 71% of employees say they can access data they should not see** • 50% of employees take some form of data when they switch companies – 43% of organizations say they cannot track user privilege escalation or anomalous access behavior*** – Average cost of a breach is around $3.5 million* • Organizations with a business continuity management, strong security posture and incident response plan with a CISO reduced the cost of breaches substantially* REMEMBER – AN EXTERNAL ACTOR BECOMES AN INSIDER! * CERT Program at Carnegie Mellon University, 2014 US State of Cybercrime Survey ** Ponemon Institute, Corporate Data: A Protected Asset or a Ticking Time Bomb? *** Courion, IT Security Executive Survey, Access Risk Attitudes Incident Response DemandsIncident Response Demands
© Voodoo Technology Ltd Nuix Incident Response – Overview
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 3713 May, 2015 Enterprise Capable Collection Includes enterprise capable logical collections, volatile data capture and visualization to allow investigators capture wide and maintain control. Enterprise Capable Collection
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 3813 May, 2015 Deep Log File SupportDeep Log File Support
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 3913 May, 2015 Powerful Filtering and SearchingPowerful Filtering and Searching
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 4013 May, 2015 Combine Intelligence – Context and GeoIPCombine Intelligence – Context and GeoIP
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 4113 May, 2015 Find A Thread…..And Pull It! SQLi – identified as “Notable Log Entry” by ContextTimeline automatically finds artifacts across other evidence items Find A Thread…..And Pull It!
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 4213 May, 2015 Find A Thread…..And Pull It!Find A Thread…..And Pull It!
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 4313 May, 2015 Deep File System AnalysisDeep File System Analysis
© Voodoo Technology Ltd Case StudyCase Study
© Voodoo Technology Ltd Product Use Case • Client traditionally used EnCase and GREP, hugely sceptical about Nuix in a data breach scenario • Nuix ingested over 10 million items (8.4 million apache logs) in 104 minutes (18.4 million log entries results inside 5 minutes) • Post processing only took 3 minutes to discover: – SQLi – Directory traversal – Uploads of shell scripts – Clear text card numbers – IPs responsible for the attack • Achieved using 8 core 28Gb RAM from a single RAID 5 disk
© Voodoo Technology Ltd Nuix Incident Response – Find Out More
© Voodoo Technology Ltd Events, Training and Thought Leadership Content • Fact Sheet: Nuix Incident Response • Brochure: Nuix Cybersecurity • Whitepapers: – The Good Shepherd Model for Cybersecurity – One Window into Your Investigations – Intelligence, Collaboration and Analytics for Digital Investigations • Nuix Unstructured Blog, Nuix Bytes Videos • Nuix Fundamentals Cybersecurity Training • Hack It & Track It Training • Quarterly Threat Briefings • Conference Presentations
© Voodoo Technology Ltd COPYRIGHT NUIX 2015 4813 May, 2015 FIND OUT MORE: nuix.com/blog facebook.com/nuixsoftware linkedin.com/company/nuix twitter.com/nuix youtube.com/nuixsoftware nuix.com
© Voodoo Technology Ltd Thank You Q&A

Recomendados

Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesNetIQ
 
Attacking the cloud with social engineering
Attacking the cloud with social engineeringAttacking the cloud with social engineering
Attacking the cloud with social engineeringPeter Wood
 
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Michael Scheidell
 
OMG DDS Security. 4th Revised Submission
OMG DDS Security. 4th Revised SubmissionOMG DDS Security. 4th Revised Submission
OMG DDS Security. 4th Revised SubmissionGerardo Pardo-Castellote
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNorth Texas Chapter of the ISSA
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
 
Beware the Firewall My Son: The Workshop
Beware the Firewall My Son: The WorkshopBeware the Firewall My Son: The Workshop
Beware the Firewall My Son: The WorkshopMichele Chubirka
 
Modern cybersecurity threats, and shiny new tools to help deal with them
Modern cybersecurity threats, and shiny new tools to help deal with themModern cybersecurity threats, and shiny new tools to help deal with them
Modern cybersecurity threats, and shiny new tools to help deal with themTudor Damian
 

Recomendados

Advanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesAdvanced Persistent Threat - Evaluating Effective Responses
Advanced Persistent Threat - Evaluating Effective ResponsesNetIQ
 
Attacking the cloud with social engineering
Attacking the cloud with social engineeringAttacking the cloud with social engineering
Attacking the cloud with social engineeringPeter Wood
 
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...
Protecting the Castle: CYBER CRIME HAS BECOME THE NUMBER ONE PROPERTY CRIME ...Michael Scheidell
 
OMG DDS Security. 4th Revised Submission
OMG DDS Security. 4th Revised SubmissionOMG DDS Security. 4th Revised Submission
OMG DDS Security. 4th Revised SubmissionGerardo Pardo-Castellote
 
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon Swain
NTXISSACSC2 - Bring Your Own Device: The Great Debate by Brandon SwainNorth Texas Chapter of the ISSA
 
Lofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionLofty Ideals: The Nature of Clouds and Encryption
Lofty Ideals: The Nature of Clouds and EncryptionSean Whalen
 
Beware the Firewall My Son: The Workshop
Beware the Firewall My Son: The WorkshopBeware the Firewall My Son: The Workshop
Beware the Firewall My Son: The WorkshopMichele Chubirka
 
Modern cybersecurity threats, and shiny new tools to help deal with them
Modern cybersecurity threats, and shiny new tools to help deal with themModern cybersecurity threats, and shiny new tools to help deal with them
Modern cybersecurity threats, and shiny new tools to help deal with themTudor Damian
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Shah Sheikh
 
Security Awareness
Security AwarenessSecurity Awareness
Security AwarenessDinesh O Bareja
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsZivaro Inc
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityNational LECET
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective amarukanda
 
Preventing Code Leaks & Other Critical Security Risks from Code
Preventing Code Leaks & Other Critical Security Risks from CodePreventing Code Leaks & Other Critical Security Risks from Code
Preventing Code Leaks & Other Critical Security Risks from CodeDevOps.com
 
Cyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply ChainCyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply Chainaletarw
 
Emerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesEmerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesPeter Wood
 
Enterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - IntelEnterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - IntelIntel - API Security & Tokenization
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoPrime Infoserv
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
 
CCNA Security - Chapter 1
CCNA Security - Chapter 1CCNA Security - Chapter 1
CCNA Security - Chapter 1Irsandi Hasan
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksAngeloluca Barba
 
Networking and communications security – network architecture design
Networking and communications security – network architecture designNetworking and communications security – network architecture design
Networking and communications security – network architecture designEnterpriseGRC Solutions, Inc.
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills GapStephen Cobb
 
Hakin9 interview w Prof Sood
Hakin9 interview w Prof SoodHakin9 interview w Prof Sood
Hakin9 interview w Prof SoodZsolt Nemeth
 
Trend micro data protection
Trend micro data protectionTrend micro data protection
Trend micro data protectionAndrew Wong
 
Information security
Information securityInformation security
Information securityVijayananda Mohire
 
An introduction to Tryzens
An introduction to TryzensAn introduction to Tryzens
An introduction to TryzensTryzens
 
Minecraft birthday concept
Minecraft birthday concept Minecraft birthday concept
Minecraft birthday concept Vietnam Event & Communication Services J.S.C
 

Mais conteúdo relacionado

Mais procurados

Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Shah Sheikh
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsZivaro Inc
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective amarukanda
 
Preventing Code Leaks & Other Critical Security Risks from Code
Preventing Code Leaks & Other Critical Security Risks from CodePreventing Code Leaks & Other Critical Security Risks from Code
Preventing Code Leaks & Other Critical Security Risks from CodeDevOps.com
 
Cyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply ChainCyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply Chainaletarw
 
Emerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesEmerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesPeter Wood
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoPrime Infoserv
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Eric Vanderburg
 
CCNA Security - Chapter 1
CCNA Security - Chapter 1CCNA Security - Chapter 1
CCNA Security - Chapter 1Irsandi Hasan
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksAngeloluca Barba
 
Networking and communications security – network architecture design
Networking and communications security – network architecture designNetworking and communications security – network architecture design
Networking and communications security – network architecture designEnterpriseGRC Solutions, Inc.
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills GapStephen Cobb
 
Hakin9 interview w Prof Sood
Hakin9 interview w Prof SoodHakin9 interview w Prof Sood
Hakin9 interview w Prof SoodZsolt Nemeth
 
Trend micro data protection
Trend micro data protectionTrend micro data protection
Trend micro data protectionAndrew Wong
 

Mais procurados (20)

Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
 
Security Awareness
Security AwarenessSecurity Awareness
Security Awareness
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective a
 
Preventing Code Leaks & Other Critical Security Risks from Code
Preventing Code Leaks & Other Critical Security Risks from CodePreventing Code Leaks & Other Critical Security Risks from Code
Preventing Code Leaks & Other Critical Security Risks from Code
 
Cyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply ChainCyber Security Professionals Viewed via Supply Chain
Cyber Security Professionals Viewed via Supply Chain
 
Emerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesEmerging Threats and Attack Surfaces
Emerging Threats and Attack Surfaces
 
Enterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - IntelEnterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - Intel
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
 
Secure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAltoSecure Access – Anywhere by Prisma, PaloAlto
Secure Access – Anywhere by Prisma, PaloAlto
 
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
Cybersecurity Incident Response Strategies and Tactics - RIMS 2017 - Eric Van...
 
CCNA Security - Chapter 1
CCNA Security - Chapter 1CCNA Security - Chapter 1
CCNA Security - Chapter 1
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
Networking and communications security – network architecture design
Networking and communications security – network architecture designNetworking and communications security – network architecture design
Networking and communications security – network architecture design
 
Sizing the Cyber Skills Gap
Sizing the Cyber Skills GapSizing the Cyber Skills Gap
Sizing the Cyber Skills Gap
 
Hakin9 interview w Prof Sood
Hakin9 interview w Prof SoodHakin9 interview w Prof Sood
Hakin9 interview w Prof Sood
 
Trend micro data protection
Trend micro data protectionTrend micro data protection
Trend micro data protection
 
Information security
Information securityInformation security
Information security
 

Destaque

An introduction to Tryzens
An introduction to TryzensAn introduction to Tryzens
An introduction to TryzensTryzens
 
Proposal concept ngày hội gia đình case kết nối yêu thương (revised 1)
Proposal concept ngày hội gia đình case kết nối yêu thương (revised 1)Proposal concept ngày hội gia đình case kết nối yêu thương (revised 1)
Proposal concept ngày hội gia đình case kết nối yêu thương (revised 1)Vietnam Event & Communication Services J.S.C
 
Twitter Training for the Medical Sector
Twitter Training for the Medical SectorTwitter Training for the Medical Sector
Twitter Training for the Medical SectorTryzens
 
MBC Twitter Training
MBC Twitter TrainingMBC Twitter Training
MBC Twitter TrainingTryzens
 
Ensuring compliance of patient data with big data
Ensuring compliance of patient data with big dataEnsuring compliance of patient data with big data
Ensuring compliance of patient data with big dataAyad Shammout
 

Destaque (16)

An introduction to Tryzens
An introduction to TryzensAn introduction to Tryzens
An introduction to Tryzens
 
Minecraft birthday concept
Minecraft birthday concept Minecraft birthday concept
Minecraft birthday concept
 
Proposal concept Ninjago (final)
Proposal concept Ninjago (final)Proposal concept Ninjago (final)
Proposal concept Ninjago (final)
 
Proposal Family Day Event_ Kimberly Clark
Proposal Family Day Event_ Kimberly ClarkProposal Family Day Event_ Kimberly Clark
Proposal Family Day Event_ Kimberly Clark
 
Proposal concept ngày hội gia đình case kết nối yêu thương (revised 1)
Proposal concept ngày hội gia đình case kết nối yêu thương (revised 1)Proposal concept ngày hội gia đình case kết nối yêu thương (revised 1)
Proposal concept ngày hội gia đình case kết nối yêu thương (revised 1)
 
Seeds of the soul party
Seeds of the soul partySeeds of the soul party
Seeds of the soul party
 
Twitter Training for the Medical Sector
Twitter Training for the Medical SectorTwitter Training for the Medical Sector
Twitter Training for the Medical Sector
 
Proposal concept_wedding party_ Phuong & Gavin
Proposal concept_wedding party_ Phuong & GavinProposal concept_wedding party_ Phuong & Gavin
Proposal concept_wedding party_ Phuong & Gavin
 
MBC Twitter Training
MBC Twitter TrainingMBC Twitter Training
MBC Twitter Training
 
Bao nhu ‘s 10th birthday party(1)
Bao nhu ‘s 10th birthday party(1)Bao nhu ‘s 10th birthday party(1)
Bao nhu ‘s 10th birthday party(1)
 
VECS_ Portfolio Corporate 25.07.2016
VECS_ Portfolio Corporate 25.07.2016VECS_ Portfolio Corporate 25.07.2016
VECS_ Portfolio Corporate 25.07.2016
 
Proposal Wedding chi Van_anh Thang
Proposal Wedding chi Van_anh ThangProposal Wedding chi Van_anh Thang
Proposal Wedding chi Van_anh Thang
 
Vecs portfolio private parties 2.8.2016
Vecs portfolio private parties 2.8.2016Vecs portfolio private parties 2.8.2016
Vecs portfolio private parties 2.8.2016
 
Proposal concept staff party great eastern
Proposal concept staff party great eastern Proposal concept staff party great eastern
Proposal concept staff party great eastern
 
Ensuring compliance of patient data with big data
Ensuring compliance of patient data with big dataEnsuring compliance of patient data with big data
Ensuring compliance of patient data with big data
 
Kidz party home_huong quynh_28.0515
Kidz party home_huong quynh_28.0515Kidz party home_huong quynh_28.0515
Kidz party home_huong quynh_28.0515
 

Semelhante a Nuix Incident Response: Explore the big picture to respond faster

DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)Gerardo Pardo-Castellote
 
Securing Your Digital Files from Legal Threats
Securing Your Digital Files from Legal ThreatsSecuring Your Digital Files from Legal Threats
Securing Your Digital Files from Legal ThreatsAbbie Hosta
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Marco Casassa Mont
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Preparing for the Cybersecurity Renaissance
Preparing for the Cybersecurity RenaissancePreparing for the Cybersecurity Renaissance
Preparing for the Cybersecurity RenaissanceCloudera, Inc.
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Decisions
 
Redrawing the Cyber Defense Frontier
Redrawing the Cyber Defense FrontierRedrawing the Cyber Defense Frontier
Redrawing the Cyber Defense FrontierJoe Hage
 
SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentitySC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentityFredBrandonAuthorMCP
 
dataProtection_p3.ppt
dataProtection_p3.pptdataProtection_p3.ppt
dataProtection_p3.pptssusera76ea9
 
Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptxSofiyaKhan49
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsEmulex Corporation
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourleyGovCloud Network
 
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprIsaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprUlf Mattsson
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Decisions
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythSecurity Innovation
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Alert Logic
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practiceteam-WIBU
 
Protecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareProtecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareCloudera, Inc.
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranKoenig Solutions Ltd.
 

Semelhante a Nuix Incident Response: Explore the big picture to respond faster (20)

DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
DDS - The Proven Data Connectivity Standard for the Industrial IoT (IIoT)
 
Industrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity StandardIndustrial IOT Data Connectivity Standard
Industrial IOT Data Connectivity Standard
 
Securing Your Digital Files from Legal Threats
Securing Your Digital Files from Legal ThreatsSecuring Your Digital Files from Legal Threats
Securing Your Digital Files from Legal Threats
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
Preparing for the Cybersecurity Renaissance
Preparing for the Cybersecurity RenaissancePreparing for the Cybersecurity Renaissance
Preparing for the Cybersecurity Renaissance
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 
Redrawing the Cyber Defense Frontier
Redrawing the Cyber Defense FrontierRedrawing the Cyber Defense Frontier
Redrawing the Cyber Defense Frontier
 
SC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and IdentitySC-900 Concepts of Security, Compliance, and Identity
SC-900 Concepts of Security, Compliance, and Identity
 
dataProtection_p3.ppt
dataProtection_p3.pptdataProtection_p3.ppt
dataProtection_p3.ppt
 
Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptx
 
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsUsing NetFlow to Streamline Security Analysis and Response to Cyber Threats
Using NetFlow to Streamline Security Analysis and Response to Cyber Threats
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
 
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdprIsaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
Isaca atlanta ulf mattsson - do you have a roadmap for eu gdpr
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015
 
IIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in PracticeIIoT Endpoint Security – The Model in Practice
IIoT Endpoint Security – The Model in Practice
 
Protecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareProtecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomware
 
IoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.PrabhakaranIoT Security, Threats and Challenges By V.P.Prabhakaran
IoT Security, Threats and Challenges By V.P.Prabhakaran
 

Último

The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 

Último (20)

The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 

Nuix Incident Response: Explore the big picture to respond faster

  • 1. © Voodoo Technology Ltd CYBER SECURITY EVERYTHING YOU NEED TO KNOW
  • 2. © Voodoo Technology Ltd 2015 DATA-CENTRIC CYBER SOLUTIONS Voodoo Technology Limited Paul Scully, Director of Global Sales
  • 3. © Voodoo Technology Ltd CYBER SECURITY: The Market Need SOURCE: ISACA CYBER CSX REPORT • Cybersecurity is a top global concern. 82% of enterprises expect to experience a cyber incident in 2015 • More than 35% are unable to fill open cybersecurity positions • 69% say certification is required for cybersecurity jobs • 33% say qualified candidates have hands-on experience • 46% say technical skills are needed • There is a cybersecurity skills crisis: 1 million unfilled jobs (source: Cisco) The research is clear. Cybersecurity has evolved from critical topic into a public safety issue
  • 4. © Voodoo Technology Ltd DATA LIFECYCLE - Understand and prepare - Discover & classify - Investigate and respond CYBER SECURITY SOLUTIONS - Fill compliance gaps - Improve protection of sensitive data - Strengthen overall security posture COMPLIANCE AND RISK MANAGEMENT - Comply with regulations - Improve data governance - Establish a security baseline CYBER SECURITY: What We Do Integrated, automated and sustainable security and compliance. Automate & Operationalise
  • 5. © Voodoo Technology Ltd CYBER SECURITY: Aligned with Business Needs Strategy  Security is a business priority aligned with the enterprise’s goals  Focus on innovation  Respond proactively to major changes to the threat landscape Technology  Embrace new and disruptive security technologies as part of the strategy Governance  Open communications with CEOs and corporate boards
  • 6. © Voodoo Technology Ltd CYBER SECURITY: who we do it for VOODOOTEC
  • 7. © Voodoo Technology Ltd Any Questions • Data-Centric Cyber Solutions
  • 8. © Voodoo Technology Ltd SECURE ISLANDS
  • 9. © Voodoo Technology Ltd Information Protection for the Borderless Enterprise Chris Rees UK Regional Sales Manager
  • 10. © Voodoo Technology Ltd Secure Islands at a Glance • Leader in Information Protection & Control (IPC) • Introduced IQProtector™ in 2010 • Offices in US, UK, Germany, Switzerland, Israel • Strategic OEM agreement with HP • Patented, field-proven technology
  • 11. © Voodoo Technology Ltd Select Customers Global 500 companies • Financial • Legal • Manufacturing • Retail • Energy • Telecommunications
  • 12. © Voodoo Technology Ltd The threat vectors 13 Cyber Attacks Partners / OffshorePrivileged Users & Cloud Providers The Insider Threat Users & Devices Applications Storage AS SOON AS A DOCUMENT IS CREATED – IT IS EXPOSED
  • 13. © Voodoo Technology Ltd The threat vectors 14 Cyber Attacks Partners / OffshorePrivileged Users & Cloud Providers The Insider Threat Users & Devices Applications Storage The Perimeter is Gone and No Longer Provides Protection AS SOON AS A DOCUMENT IS CREATED – IT IS EXPOSED
  • 14. © Voodoo Technology Ltd The Perimeter is Gone & No Longer Provides Protection The threat vectors 15 AS SOON AS A DOCUMENT IS CREATED – IT IS EXPOSED Cyber Attacks Partners / OffshorePrivileged Users & Cloud Providers The Insider Threat Users & Devices Applications Storage The Perimeter is Gone and Can No Longer Be Protected Data Immunization At The Point of Creation Makes the Threat Irrelevant
  • 15. © Voodoo Technology Ltd What is Active Data Immunization? Into the Data At The Point of Creation Policy Classification & Tagging Encryption Permission Usage Tracking
  • 16. © Voodoo Technology Ltd Immunize files upon creation from any source Data generated by Apps & web Data used on devices in Office & mail apps Data stored & shared on/off premise Data used & at rest on repositories
  • 17. © Voodoo Technology Ltd 100% Accurate classification – upon creation 18 DETERMINISTIC CLASSIFICATION & PROTECTION BASED ON SOURCE, CONTEXT AND CONTENT Data generated by Apps & web Data used on devices in Office & mail apps Data stored & shared via the Cloud Data used & at rest on repositories
  • 18. © Voodoo Technology Ltd Data classification examples 19 Intercept Files At the Source, Upon Creation Finance Advisor Financial Report from SAP Salesforce Report Files copied to the M&A folder in Share Point Online Customers’ ID Patterns
  • 19. © Voodoo Technology Ltd Encrypt all file types 20 User  Enhance Microsoft RMS  Encrypt ALL file types  Use encrypted file in its native app  Enforce usage-rights when using the file Seamless use & enforcement of usage rights for any file on any app
  • 20. © Voodoo Technology Ltd Secure Collaboration 21 User  Collaborate securely using encrypted data  Collaborate securely using encrypted communications  Fully audited & controlled data decryption, if required Simple & secure collaboration – with anyone and on any device
  • 21. © Voodoo Technology Ltd IQProtector™ Solution Components DATA INTERCEPTORS APPS & CLOUD INTERCEPTORS DATA SCANNERS & BRIDGE MANAGEMENT SERVER & CONSOLE IQPROTECTOR FOR ENDPOINT SERVER MOBILE
  • 22. © Voodoo Technology Ltd To Summarize
  • 23. © Voodoo Technology Ltd 24 Securely, Between peers, partners & applicationsCollaborat e 3 Without affecting IT processesStorage4 Enriching data management retention & searchArchive5 Enforce usage rights of all file formats - on native appsConsume2 Deterministic classification & protection at the sourceCreate1 Immunize your data from the point of creation, throughout its entire lifecycle
  • 24. © Voodoo Technology Ltd www.secureislands.com
  • 26. © Voodoo Technology Ltd Nuix Incident Response Explore the big picture to respond faster Nuix Incident Response Explore the big picture to respond faster
  • 27. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 2813 May, 2015 Why are we here? It’s complicated!Why are we here? It’s complicated!
  • 28. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 2913 May, 2015 The patented Nuix Engine is a technological leap ahead of other vendors. It offers: • Massively parallel processing – faster than any other technology • Forensic precision – more files processed, none left behind • Complex containers – transparency into the formats where enterprises store most of their human-generated data This allows you to gain fast, pinpoint accurate identification and investigation of any data. Systems and methods for load-balancing by secondary processors in parallel document indexing Sitsky & Sheehy US Patent – 8,359,365 B2 Why is Nuix different?Why is Nuix different?
  • 29. © Voodoo Technology Ltd Nuix Incident Response: Summary • Advanced technology, unmatched scalability and deep experience in cybersecurity and investigations – We can change the way organizations tackle cybersecurity incidents. – We can reduce the gap between incident detection & remediation. – We can provide deep and rapid insights into the scope of a breach and the path to resolution. – We can build and apply intelligence. – We can train and empower your cybersecurity and investigation teams. – We can evolve to meet new challenges. Nuix Incident Response: Summary
  • 30. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 3113 May, 2015 Data => Information => IntelligenceData => Information => Intelligence
  • 31. © Voodoo Technology Ltd Extract text and metadata from 100s of different file types Email & Loose Files Incident Response Misc. Microsoft: • EDB, STM, EWS (Microsoft Exchange) • PST, OST (Microsoft Outlook storage files) • MSG (Microsoft Outlook single mail files) Lotus: • NSF (Lotus Notes / Domino) Misc. Other: • MBOX, DBX, MBX (Microsoft Outlook Express) • EML, EMLX, BOX, SML • Webmail – HTML Scraped from browser cache Document Types: • HTML , Plain text, RTF, PDF • DOCX, DOC, DOT (Microsoft Word) • XLSX, XLS, XLT (Microsoft Excel) • PPTX, PPT, POT, PPS (Microsoft PowerPoint) • WKS, XLR (Microsoft Works spreadsheets) Image Types: • PNG, JPEG, JP2, TIFF, GIF, BMP, PBM, PPM, PGM, RAW, WBMP, WMF, WMZ, EMF, EMZ Forensic Image Files: • Encase Images (E01, L01) • Access Data (AD1) • Linux DD Files • Mobile Images (Cellebrite / XRY / Oxygen) Log Files: • Windows Event Logs (EVT/EVTX) • Web Logs (IIS, Apache) • Firewall & FTP Logs • Logstash Output Network Captures: • PCAP Files System Files: • EXE/DLLs • LNK, Prefetch & Jump List Files • Windows Registry Hives inc. decoding File System Artifacts: • $LogFile, $UserJrml, Object ID • Apple property lists • Carving from unallocated & file slack Fuzzy Hashing - SSDeep Structured Data: • MS SQL (Live & MDF/LDF are text stripped) • SQLLite Browser & Cloud Artifacts: • IE, Safari, Chrome, Firefox • Dropbox, AWS Container Files • ZIP, RAR, LZH, LHA, ARC, TAR, GZ, BZ2, ISO Virtual Machine Images • VDK, VMDK (Virtual Disk Images) • Parallels Archive Systems • EMC EmailXtender (*.emx)/Source One • Symantec 2007, 8, 9, 10 • HP EAS DMS Systems: • MS SharePoint Unknown File Types: • Unknown file types are text stripped. Extract text and metadata from 100s of different file types
  • 32. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 3313 May, 2015 Search, Discovery and AnalyticsSearch, Discovery and Analytics
  • 33. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 3413 May, 2015 Incident Response DemandsIncident Response Demands
  • 34. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 3513 May, 2015 • Insider Threat is costly and damaging to any organization and is often overlooked – One-third of cybercrime incidents involve insiders* – Nearly 50% of organizations say insider breaches are more damaging than those by outsiders* – 71% of employees say they can access data they should not see** • 50% of employees take some form of data when they switch companies – 43% of organizations say they cannot track user privilege escalation or anomalous access behavior*** – Average cost of a breach is around $3.5 million* • Organizations with a business continuity management, strong security posture and incident response plan with a CISO reduced the cost of breaches substantially* REMEMBER – AN EXTERNAL ACTOR BECOMES AN INSIDER! * CERT Program at Carnegie Mellon University, 2014 US State of Cybercrime Survey ** Ponemon Institute, Corporate Data: A Protected Asset or a Ticking Time Bomb? *** Courion, IT Security Executive Survey, Access Risk Attitudes Incident Response DemandsIncident Response Demands
  • 35. © Voodoo Technology Ltd Nuix Incident Response – Overview
  • 36. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 3713 May, 2015 Enterprise Capable Collection Includes enterprise capable logical collections, volatile data capture and visualization to allow investigators capture wide and maintain control. Enterprise Capable Collection
  • 37. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 3813 May, 2015 Deep Log File SupportDeep Log File Support
  • 38. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 3913 May, 2015 Powerful Filtering and SearchingPowerful Filtering and Searching
  • 39. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 4013 May, 2015 Combine Intelligence – Context and GeoIPCombine Intelligence – Context and GeoIP
  • 40. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 4113 May, 2015 Find A Thread…..And Pull It! SQLi – identified as “Notable Log Entry” by ContextTimeline automatically finds artifacts across other evidence items Find A Thread…..And Pull It!
  • 41. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 4213 May, 2015 Find A Thread…..And Pull It!Find A Thread…..And Pull It!
  • 42. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 4313 May, 2015 Deep File System AnalysisDeep File System Analysis
  • 43. © Voodoo Technology Ltd Case StudyCase Study
  • 44. © Voodoo Technology Ltd Product Use Case • Client traditionally used EnCase and GREP, hugely sceptical about Nuix in a data breach scenario • Nuix ingested over 10 million items (8.4 million apache logs) in 104 minutes (18.4 million log entries results inside 5 minutes) • Post processing only took 3 minutes to discover: – SQLi – Directory traversal – Uploads of shell scripts – Clear text card numbers – IPs responsible for the attack • Achieved using 8 core 28Gb RAM from a single RAID 5 disk
  • 45. © Voodoo Technology Ltd Nuix Incident Response – Find Out More
  • 46. © Voodoo Technology Ltd Events, Training and Thought Leadership Content • Fact Sheet: Nuix Incident Response • Brochure: Nuix Cybersecurity • Whitepapers: – The Good Shepherd Model for Cybersecurity – One Window into Your Investigations – Intelligence, Collaboration and Analytics for Digital Investigations • Nuix Unstructured Blog, Nuix Bytes Videos • Nuix Fundamentals Cybersecurity Training • Hack It & Track It Training • Quarterly Threat Briefings • Conference Presentations
  • 47. © Voodoo Technology Ltd COPYRIGHT NUIX 2015 4813 May, 2015 FIND OUT MORE: nuix.com/blog facebook.com/nuixsoftware linkedin.com/company/nuix twitter.com/nuix youtube.com/nuixsoftware nuix.com
  • 48. © Voodoo Technology Ltd Thank You Q&A