IT & DATA MANAGEMENT RESEARCH,
INDUSTRY ANALYSIS & CONSULTING
Using Digital Threat Intelligence Management to Combat Threats:
Understanding the Ins and Outs of DTIM Platforms
David Monahan
Managing Research Director,
Security and Risk Management
Enterprise Management Associates
Alon Arvatz
CPO and Co-founder
IntSights
Watch the On-Demand Webinar
Slide 2 © 2018 Enterprise Management Associates, Inc.
• Using Digital Threat Intelligence Management to Combat
Threats: Understanding the Ins and Outs of DTIM Platforms
On-Demand webinar is available here:
https://ema.wistia.com/medias/dfkndj8ttw
• Check out upcoming webinars from EMA here:
http://www.enterprisemanagement.com/freeResearch
Today’s Speakers
Alon Arvatz, CPO and Co-founder, IntSights
George S. Patton said “If everyone is thinking alike, then somebody isn’t thinking.” Alon
thinks, but not like most of us. And it’s this quality that has given him vast experience and
knowledge in the world of cyberthreat intelligence, and why he has succeeded in working
in the most advanced environments in the world. After serving in an elite intelligence unit
in the Israel Defense Forces, Alon joined Guy Nizan to establish Cyber School, a center
providing teenagers with courses, seminars and summer camp workshops on cyber
intelligence.
David Monahan, Managing Research Director, Security and Risk Management, EMA
David is a senior information security executive with several years of experience. He has
organized and managed both physical and information security programs, including security
and network operations (SOCs and NOCs) for organizations ranging from Fortune 100
companies to local government and small public and private companies. He has diverse audit
and compliance and risk and privacy experience such as providing strategic and tactical
leadership to develop, architect, and deploy assurance controls; delivering process and policy
documentation and training; and working on educational and technical solutions.
Logistics for Today’s Webinar
QUESTIONS
• Log questions in the chat panel located on the lower left-hand corner of your screen
• Questions will be addressed during the Q&A session of the event
EVENT RECORDING
An archived version of the event recording will be available at www.enterprisemanagement.com
PDF SLIDES
A PDF of the speaker slides will be distributed to all attendees
Using Digital Threat Intelligence Management to Combat Threats:
Understanding the Ins and Outs of DTIM Platforms
David Monahan
Managing Research Director,
Security and Risk Management
Enterprise Management Associates
Why Invest in DTIM
• Breaches are increasing and seem inevitable for every company
• Organized cybercrime operates like a business, perpetrated by a small number
of groups who take great care not to expose their activities in online forums
• Cybercrime presents a significant risk to individuals and organizations
• The FBI reported that Internet crime led to losses in excess of $1.3 billion USD in 2016. [1]
• Business email compromise (BEC) and business email spoofing (BES) accounted for $5 billion USD in losses globally between October 2013 and December 2016. [2]
• Victims’ losses related to BEC and BES schemes increased by 2,370 percent between January 2015 and December 2016, according to figures released by the FBI. [2]
• The perceived gap between criminality and nation-states, in terms of both actors and capabilities, will continue to shrink. [2]
Sources:
[1] 2016 IC3Report.pdf
[2] SecureWorks 2017 State of Cybercrime Report
Why Invest in DTIM (cont’d)
• Nearly 1 billion personal records and just over 1 billion credentials were stolen in
2016
• 2017 VDBIR identifies that external notification of breach is still the #1 method of
discovery
• Financial gain motivates approximately 68 percent of cyber-breaches, while espionage drives about 25 percent. All other motivations account for only seven percent of breaches. [3]
• DTIM solutions have the opportunity to drive faster response in as much as 75
percent of breaches.
• DTIM can reduce identification time of information release to less than 24 hours
Definition: Digital Threat Intelligence Management (DTIM)
Platforms that aid organizations with
external threat identification and risk
management by locating, gathering,
and assimilating threat intelligence
from a variety of sources.
Not just a data feed!
Criteria for Inclusion in DTIM
Paying Customers
Customer-validated time savings
Threat information must be externally verifiable
Criteria for Inclusion in DTIM (cont’d)
Over 100 Key Performance Indicators (KPIs)
• Architecture and Integration
• Deployment and Administration
• Functionality
• Cost Advantage
• Vendor Strength
Key Areas for Vendor Selection: Data Sources & Collection
Data Aggregation; Data Creation/Collection
• Openly Available Sources
• Government Sources
• Private Subscriptions
• Proprietary Collection
Common Internet, Deep Web, Dark Web, Mobile, Email, Social
Key Areas for Vendor Selection: Deployment Flexibility
• Managed Service
• On-Premises
• Cloud
• Software, Appliance, Image
Key Areas for Vendor Selection: Data Accuracy and Actionability
[Figure: chart with axes running from Inferior Analysis to Superior Analysis and from Inferior Automation to Superior Automation. Labels: Extreme False Positives; Superior Accuracy; Business Loss, Interruption; Rapid Response. Callout: "Where are you today?"]
Key Areas for Vendor Selection: TCO
• Ease of Administration
• Licensing
• Integrations
• Reliance on Professional Services
Key Areas for Vendor Selection
ROI
• Productivity
• Cost Avoidance
• Cost Reduction
• Reduce Brand Erosion
Key Areas for Vendor Selection: Company Strength
• Support Quality
• Debt
• Revenue
• Customer Retention
• Responsiveness
Key Areas for Consideration for Buyers
Business Drivers:
• ROI/TCO
• Increased Threats/Risk
• Increased Awareness
• Compliance
• Third-Party Risks
• Move to Cloud
• …
How IntSights Provides Strong Value
• Tailored Protection
• Data Integrations
• Visibility
IntSights Cyber Strengths
• Deployment Flexibility
• Data Integrations
• Monitoring Breadth
• Automated Remediation
IntSights as a Vendor to Watch
How IntSights Stacked Up
How IntSights Stacked Up (cont’d)
Threat Intelligence Realized.
Lessons Learned: Building a Threat Intelligence RFP
Alon Arvatz, CPO
BUILDING A THREAT INTEL PLATFORM RFP
‘Must-Have’ Capabilities: TIP EVALUATION CHEAT-SHEET
THREAT RESEARCH & ANALYSIS
• Trends
• Research & Investigation
• Link Analysis
IOC ENRICHMENT & MANAGEMENT (THREAT INTEL PLATFORM)
• IOCs aggregation & management
• IOCs investigation
• Intelligence Sharing
AUTOMATED REMEDIATION
• Network & endpoint security integration
• External threat takedown
• Active Directory remediation
TAILORED INTELLIGENCE & THREAT VISIBILITY
• Exploitable data
• Dark web
• Brand security
• Data leakage
• Phishing
• Attack indication
1. Threat Intel Data Collection & Brand/Asset Monitoring
Type: Description of Requirement
Phishing
• Detection of newly registered domains and sub-domains based on company assets: common additions, common permutations
• Discovery of active phishing pages utilizing company name/graphic language
• Image processing capabilities for detection of active phishing pages
• "Piggybacking" of phishing site repositories
Data Leakage
• Detection of leaked credentials based on company assets
• Detection of confidential documents leaked online based on company assets and watermarks
• Detection of employee's private data leaked online (Doxing)
• Detection of references to secret projects based on company assets
• Detection of leaked software code and IP
Vulnerabilities
• Reporting of newly disclosed vulnerabilities based on company assets
• Active scanning of vulnerabilities on provided assets
• Detection of exposed internal pages
• Detection of open-ports on company's servers
• Problem in SSL certificate/its installation
• Unsecure FTP connections
• Detection of publicly disclosed SQL/XSS vulnerabilities found on company's assets
• Detection of unencrypted login pages
• Detection of old and/or unmaintained pages
1. Threat Intel Data Collection & Brand/Asset Monitoring
Attack Indications
• Reporting of intention to target the company or industry
• Reporting of major hacktivist campaigns
• Reporting of illegal trade in the company's products online
• Reporting of counterfeit activity re: company brands
• Reporting of employee emails found on spam lists
• Reporting of blacklisted IP addresses, based on CIDRs/IP provided by the company
• Indications of activist initiatives against the company
• Reporting of RDPs sold on the black market based on the CIDRs/IP provided by the company
• Reporting of malware samples targeting company based on company assets
• Detection of machines infected with malware
• Reporting of indications of insider activity within the company or industry
Executive monitoring
• Alert on specific intentions to target VIPs based on a list provided by the company
• Alert on fake profiles utilizing the name/image of a VIP
• Alert on VIP credentials leaked online
Brand Security
• Fake profiles utilizing the company's name and/or graphic language for fraudulent purposes
• Fake profiles that impersonate company employees
• Fake applications that resemble the company's and/or utilize the company's name/graphic language (mobile & desktop)
• Malicious applications that resemble the company's and/or utilize the company's name/graphic language
• Defacement detection
1. Threat Intel Data Collection & Brand/Asset Monitoring
Sources
• Cyber-crime forums
• Mobile messaging apps
• IRC chat rooms
• Application stores
• Paste sites
• Dev repositories
• IP blacklists
• Search engines - Google, Bing, etc.
• Document sharing sites
• Data leakage sites and repositories
• Passive DNS
• WHOIS servers
• Bug-bounty sites
• Phishing reporting sites
• Social media sites
• Data dumps shared via P2P
• Insider-trading sources
• E-commerce platforms
• Black markets
• Access to attached list of forums, black markets, and other deep web sources
• Automated collection of new sources: "deep crawling", monitoring of new sites added to the site indexes
2. Threat Intelligence Management & Research Capabilities
Type: Description of Requirement
Threat Knowledge Base
• "Threat encyclopedia" comprised of terms which describe the following types of threats: Malware, Campaign, Threat Actor profiles, TTPs, IOCs per threat
• Monitoring of APT-related activity
Trends and Analysis
• The system can generate general cyber intelligence reports concerning trends and developments in the cyber-threat landscape
• Trend detection and monitoring
• Built-in search engine for data scraped off forums and other deep/dark web sources
• The system can generate industry-specific intelligence reports concerning trends and developments in the cyber-threat landscape
• Option for ad-hoc reports, research and papers upon request on different topics (top used TTPs by specific threat actors, etc.)
Malware and Malicious Infrastructure
• Automated malware analysis
• Reverse engineering capability upon request
APT
• Detection and long-term monitoring of APT campaigns
• APT threat actor monitoring
• Access to forums where APT-affiliated TAs participate
Indicators of Compromise
• Customized IOC generation
• IOC prioritization
• General IOC feeds for known threats
• Commercial feeds
3. Security Integration & Automated Remediation
Internal:
• Active Directory Credential Theft
• Social Media Credential Leakage
• Phishing Domain Monitoring & Blocking
Endpoint, Firewall, SIEM, Web Proxies and Email Gateways, Orchestration
3. Security Integration & Automated Remediation
External:
• Malicious Mobile Application Takedown
• Malicious Domain Takedown
• Suspicious Social Media Page Takedown
• Paste Site Takedown
60+ Paste Sites, Safe Browsing Programs, Internet Registrars, Social Media, App Stores
Threat Intelligence Realized.
Question and Answer: Log Questions in the Q&A panel
located on the lower left-hand corner
Learn More About IntSights at www.intsights.com

Unveiling Strategic Trends in Global Finance, Banking, and Insurance -  IT Ex...Unveiling Strategic Trends in Global Finance, Banking, and Insurance -  IT Ex...
Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...Enterprise Management Associates
 
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...Enterprise Management Associates
 
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...Navigating the Complexity of Distributed Microservices across AWS, Azure, and...
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...Enterprise Management Associates
 
Navigating Today’s Threat Landscape: Discussing Hype vs. Reality
Navigating Today’s Threat Landscape: Discussing Hype vs. RealityNavigating Today’s Threat Landscape: Discussing Hype vs. Reality
Navigating Today’s Threat Landscape: Discussing Hype vs. RealityEnterprise Management Associates
 
Kubernetes Unveiled: Trends, Challenges, and Opportunities
Kubernetes Unveiled: Trends, Challenges, and OpportunitiesKubernetes Unveiled: Trends, Challenges, and Opportunities
Kubernetes Unveiled: Trends, Challenges, and OpportunitiesEnterprise Management Associates
 
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...Enterprise Management Associates
 
Challenges and Best Practices for Securing Modern Operational Technology Netw...
Challenges and Best Practices for Securing Modern Operational Technology Netw...Challenges and Best Practices for Securing Modern Operational Technology Netw...
Challenges and Best Practices for Securing Modern Operational Technology Netw...Enterprise Management Associates
 
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...Enterprise Management Associates
 
Why Should Organizations Consider Extended Detection and Response (XDR)?
Why Should Organizations Consider Extended Detection and Response (XDR)?Why Should Organizations Consider Extended Detection and Response (XDR)?
Why Should Organizations Consider Extended Detection and Response (XDR)?Enterprise Management Associates
 
Moving Beyond Remote Access: Discover the Power of Zero Trust Network Access
Moving Beyond Remote Access: Discover the Power of Zero Trust Network AccessMoving Beyond Remote Access: Discover the Power of Zero Trust Network Access
Moving Beyond Remote Access: Discover the Power of Zero Trust Network AccessEnterprise Management Associates
 
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...Enterprise Management Associates
 

Mais de Enterprise Management Associates (20)

Highlights from the EMA Radar™ Report for Workload Automation and Orchestrati...
Highlights from the EMA Radar™ Report for Workload Automation and Orchestrati...Highlights from the EMA Radar™ Report for Workload Automation and Orchestrati...
Highlights from the EMA Radar™ Report for Workload Automation and Orchestrati...
 
Real-world incident response, management, and prevention
Real-world incident response, management, and preventionReal-world incident response, management, and prevention
Real-world incident response, management, and prevention
 
Observability: Challenges, Priorities, Solutions, and the Role of OpenTelemetry
Observability: Challenges, Priorities, Solutions, and the Role of OpenTelemetryObservability: Challenges, Priorities, Solutions, and the Role of OpenTelemetry
Observability: Challenges, Priorities, Solutions, and the Role of OpenTelemetry
 
NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...
NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...
NetSecOps: Examining How Network and Security Teams Collaborate for a Better ...
 
Modern ITSM—the untapped game-changer for midsize organizations
Modern ITSM—the untapped game-changer for midsize organizationsModern ITSM—the untapped game-changer for midsize organizations
Modern ITSM—the untapped game-changer for midsize organizations
 
Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...
Unveiling Strategic Trends in Global Finance, Banking, and Insurance -  IT Ex...Unveiling Strategic Trends in Global Finance, Banking, and Insurance -  IT Ex...
Unveiling Strategic Trends in Global Finance, Banking, and Insurance - IT Ex...
 
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...
Unlocking Master Data Management (MDM) Success: Real-World Insights and Strat...
 
Transcending Passwords: Emerging Trends in Authentication
Transcending Passwords: Emerging Trends in AuthenticationTranscending Passwords: Emerging Trends in Authentication
Transcending Passwords: Emerging Trends in Authentication
 
Modernize NetOps with Business-Aware Network Monitoring
Modernize NetOps with Business-Aware Network MonitoringModernize NetOps with Business-Aware Network Monitoring
Modernize NetOps with Business-Aware Network Monitoring
 
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...Navigating the Complexity of Distributed Microservices across AWS, Azure, and...
Navigating the Complexity of Distributed Microservices across AWS, Azure, and...
 
Navigating Today’s Threat Landscape: Discussing Hype vs. Reality
Navigating Today’s Threat Landscape: Discussing Hype vs. RealityNavigating Today’s Threat Landscape: Discussing Hype vs. Reality
Navigating Today’s Threat Landscape: Discussing Hype vs. Reality
 
Kubernetes Unveiled: Trends, Challenges, and Opportunities
Kubernetes Unveiled: Trends, Challenges, and OpportunitiesKubernetes Unveiled: Trends, Challenges, and Opportunities
Kubernetes Unveiled: Trends, Challenges, and Opportunities
 
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...
DDI Directions: DNS, DHCP and IP Address Management Strategies for the Multi-...
 
Challenges and Best Practices for Securing Modern Operational Technology Netw...
Challenges and Best Practices for Securing Modern Operational Technology Netw...Challenges and Best Practices for Securing Modern Operational Technology Netw...
Challenges and Best Practices for Securing Modern Operational Technology Netw...
 
CMDB in Cloud Times: Myths, Mistakes, and Mastery
CMDB in Cloud Times: Myths, Mistakes, and Mastery CMDB in Cloud Times: Myths, Mistakes, and Mastery
CMDB in Cloud Times: Myths, Mistakes, and Mastery
 
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...
Modernizing Network Engineering and Operations in the Era of Hybrid and Remot...
 
Why Should Organizations Consider Extended Detection and Response (XDR)?
Why Should Organizations Consider Extended Detection and Response (XDR)?Why Should Organizations Consider Extended Detection and Response (XDR)?
Why Should Organizations Consider Extended Detection and Response (XDR)?
 
Five Managed SD-WAN Trends to Watch in 2023
Five Managed SD-WAN Trends to Watch in 2023Five Managed SD-WAN Trends to Watch in 2023
Five Managed SD-WAN Trends to Watch in 2023
 
Moving Beyond Remote Access: Discover the Power of Zero Trust Network Access
Moving Beyond Remote Access: Discover the Power of Zero Trust Network AccessMoving Beyond Remote Access: Discover the Power of Zero Trust Network Access
Moving Beyond Remote Access: Discover the Power of Zero Trust Network Access
 
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...
[Analyst Research Slides] Build vs. Buy: Finding the Best Path to Network Aut...
 

Último

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 

Último (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 

Using Digital Threat Intelligence Management (DTIM) to Combat Threats

  • 1. IT & DATA MANAGEMENT RESEARCH, INDUSTRY ANALYSIS & CONSULTING Using Digital Threat Intelligence Management to Combat Threats: Understanding the Ins and Outs of DTIM Platforms David Monahan Managing Research Director, Security and Risk Management Enterprise Management Associates Alon Arvatz CPO and Co-founder IntSights
  • 2. Watch the On-Demand Webinar (Slide 2, © 2018 Enterprise Management Associates, Inc.)
      • Using Digital Threat Intelligence Management to Combat Threats: Understanding the Ins and Outs of DTIM Platforms. On-Demand webinar is available here: https://ema.wistia.com/medias/dfkndj8ttw
      • Check out upcoming webinars from EMA here: http://www.enterprisemanagement.com/freeResearch
  • 3. Today’s Speakers
      • Alon Arvatz, CPO and Co-founder, IntSights: George S. Patton said “If everyone is thinking alike, then somebody isn’t thinking.” Alon thinks, but not like most of us. And it’s this quality that has given him vast experience and knowledge in the world of cyberthreat intelligence, and why he has succeeded in working in the most advanced environments in the world. After serving in an elite intelligence unit in the Israel Defense Forces, Alon joined Guy Nizan to establish Cyber School, a center providing teenagers with courses, seminars and summer camp workshops on cyber intelligence.
      • David Monahan, Managing Research Director, Security and Risk Management, EMA: David is a senior information security executive with several years of experience. He has organized and managed both physical and information security programs, including security and network operations (SOCs and NOCs) for organizations ranging from Fortune 100 companies to local government and small public and private companies. He has diverse audit and compliance and risk and privacy experience such as providing strategic and tactical leadership to develop, architect, and deploy assurance controls; delivering process and policy documentation and training; and working on educational and technical solutions.
  • 4. Logistics for Today’s Webinar
      • Questions: Log questions in the chat panel located on the lower left-hand corner of your screen. Questions will be addressed during the Q&A session of the event.
      • Event recording: An archived version of the event recording will be available at www.enterprisemanagement.com
      • PDF slides: A PDF of the speaker slides will be distributed to all attendees.
  • 5. Using Digital Threat Intelligence Management to Combat Threats: Understanding the Ins and Outs of DTIM Platforms. David Monahan, Managing Research Director, Security and Risk Management, Enterprise Management Associates
  • 6. Why Invest in DTIM
      • Breaches are increasing and seem inevitable for every company
      • Organized cybercrime operates like a business, perpetrated by a small number of groups who take great care not to expose their activities in online forums
      • Cybercrime presents a significant risk to individuals and organizations
      • The FBI reported that Internet crime led to losses in excess of $1.3 billion USD in 2016. [1]
      • Business email compromise (BEC) and business email spoofing (BES) accounted for $5 billion USD in losses globally between October 2013 and December 2016. [2]
      • Victims’ losses, related to BEC and BES schemes, increased by 2,370 percent between January 2015 and December 2016, according to figures released by the FBI. [2]
      • The perceived gap between criminality and nation-states, in terms of both actors and capabilities, will continue to shrink. [2]
      • [1] 2016 IC3Report.pdf
      • [2] SecureWorks 2017 State of Cybercrime Report
  • 7. Why Invest in DTIM (cont’d)
      • Nearly 1 billion personal records and just over 1 billion credentials were stolen in 2016
      • 2017 VDBIR identifies that external notification of breach is still the #1 method of discovery
      • Financial gain motivates approximately 68 percent of cyber-breaches, while espionage drives about 25 percent. All other motivations account for only seven percent of breaches. [3]
      • DTIM solutions have the opportunity to drive faster response in as much as 75 percent of breaches.
      • DTIM can reduce identification time of information release to less than 24 hours
  • 8. Definition: Digital Threat Intelligence Management (DTIM)
      • Platforms that aid organizations with external threat identification and risk management by locating, gathering, and assimilating threat intelligence from a variety of sources.
      • Not just a data feed!
  • 9. Criteria for Inclusion in DTIM
      • Paying Customers
      • Customer-validated time savings
      • Threat information must be externally verifiable
  • 10. Criteria for Inclusion in DTIM (cont’d): Over 100 Key Performance Indicators (KPIs)
      • Architecture and Integration
      • Deployment and Administration
      • Functionality
      • Cost Advantage
      • Vendor Strength
  • 11. Key Areas for Vendor Selection: Data Sources & Collection
      • Data Aggregation
      • Data Creation/Collection
      • Openly Available Sources
      • Government Sources
      • Private Subscriptions
      • Proprietary Collection
      • Common Internet
      • Deep Web
      • Dark Web
      • Mobile
      • Email
      • Social
  • 12. Key Areas for Vendor Selection: Deployment Flexibility
      • Managed Service
      • On-Premises
      • Cloud
      • Software, Appliance, Image
  • 13. Key Areas for Vendor Selection: Data Accuracy and Actionability. Where are you today?
      • [Figure labels: Extreme False Positives / Superior Accuracy; Inferior Analysis / Superior Analysis; Inferior Automation / Superior Automation; Business Loss, Interruption / Rapid Response]
  • 14. Key Areas for Vendor Selection: TCO
      • Ease of Administration
      • Licensing
      • Integrations
      • Reliance on Professional Services
  • 15. Key Areas for Vendor Selection: ROI
      • Productivity
      • Cost Avoidance
      • Cost Reduction
      • Reduce Brand Erosion
  • 16. Key Areas for Vendor Selection: Company Strength
      • Support Quality
      • Debt
      • Revenue
      • Customer Retention
      • Responsiveness
  • 17. Key Areas for Consideration for Buyers: Business Drivers
      • ROI/TCO
      • Increased Threats/Risk
      • Increased Awareness
      • Compliance
      • Third-Party Risks
      • Move to Cloud
      • …
  • 18. How IntSights Provides Strong Value
      • Tailored Protection
      • Data Integrations
      • Visibility
  • 19. IntSights Cyber Strengths
      • Deployment Flexibility
      • Data Integrations
      • Monitoring Breadth
      • Automated Remediation
  • 20. IntSights as a Vendor to Watch
  • 21. How IntSights Stacked Up
  • 22. How IntSights Stacked Up (cont’d)
  • 23. Threat Intelligence Realized. Lessons Learned: Building a Threat Intelligence RFP. Alon Arvatz, CPO
  • 24. BUILDING A THREAT INTEL PLATFORM RFP ‘Must-Have’ Capabilities:
  • 25. TIP EVALUATION CHEAT-SHEET
      • THREAT RESEARCH & ANALYSIS: Trends; Research & Investigation; Link Analysis
      • IOC ENRICHMENT & MANAGEMENT (THREAT INTEL PLATFORM): IOCs aggregation & management; IOCs investigation; Intelligence Sharing
      • AUTOMATED REMEDIATION: Network & endpoint security integration; External threat takedown; Active Directory remediation
      • TAILORED INTELLIGENCE & THREAT VISIBILITY: Exploitable data; Dark web; Brand security; Data leakage; Phishing; Attack indication
  • 26. 1. Threat Intel Data Collection & Brand/Asset Monitoring (Type: Description of Requirement)
      • Phishing
          • Detection of newly registered domains and sub-domains based on company assets: common additions, common permutations
          • Discovery of active phishing pages utilizing company name/graphic language
          • Image processing capabilities for detection of active phishing pages
          • "Piggybacking" of phishing site repositories
      • Data Leakage
          • Detection of leaked credentials based on company assets
          • Detection of confidential documents leaked online based on company assets and watermarks
          • Detection of employee's private data leaked online (Doxing)
          • Detection of references to secret projects based on company assets
          • Detection of leaked software code and IP
      • Vulnerabilities
          • Reporting of newly disclosed vulnerabilities based on company assets
          • Active scanning of vulnerabilities on provided assets
          • Detection of exposed internal pages
          • Detection of open-ports on company's servers
          • Problem in SSL certificate/its installation
          • Unsecure FTP connections
          • Detection of publicly disclosed SQL/XSS vulnerabilities found on company's assets
          • Detection of unencrypted login pages
          • Detection of old and/or unmaintained pages
  • 27. 1. Threat Intel Data Collection & Brand/Asset Monitoring
      • Attack Indications
          • Reporting of intention to target the company or industry
          • Reporting of major hacktivist campaigns
          • Reporting of illegal trade in the company's products online
          • Reporting of counterfeit activity re: company brands
          • Reporting of employee emails found on spam lists
          • Reporting of blacklisted IP addresses, based on CIDRs/IP provided by the company
          • Indications of activist initiatives against the company
          • Reporting of RDPs sold on the black market based on the CIDRs/IP provided by the company
          • Reporting of malware samples targeting company based on company assets
          • Detection of machines infected with malware
          • Reporting of indications of insider activity within the company or industry
      • Executive monitoring
          • Alert on specific intentions to target VIPs based on a list provided by the company
          • Alert on fake profiles utilizing the name/image of a VIP
          • Alert on VIP credentials leaked online
      • Brand Security
          • Fake profiles utilizing the company's name and/or graphic language for fraudulent purposes
          • Fake profiles that impersonate company employees
          • Fake applications that resemble the company's and/or utilize the company's name/graphic language: mobile & desktop
          • Malicious applications that resemble the company's and/or utilize the company's name/graphic language
          • Defacement detection
  • 28. 1. Threat Intel Data Collection & Brand/Asset Monitoring
      • Sources:
          • Cyber-crime forums
          • Mobile messaging apps
          • IRC chat rooms
          • Application stores
          • Paste sites
          • Dev repositories
          • IP blacklists
          • Search engines - Google, Bing, etc.
          • Document sharing sites
          • Data leakage sites and repositories
          • Passive DNS
          • WHOIS servers
          • Bug-bounty sites
          • Phishing reporting sites
          • Social media sites
          • Data dumps shared via P2P
          • Insider-trading sources
          • E-commerce platforms
          • Black markets
      • Access to attached list of forums, black markets, and other deep web sources
      • Automated collection of new sources: "deep crawling", monitoring of new sites added to the site indexes
  • 29. 2. Threat Intelligence Management & Research Capabilities (Type: Description of Requirement)
      • Threat Knowledge Base:
          • "Threat encyclopedia" comprised of terms which describe the following types of threats: Malware Campaign Threat Actor profiles TTP's IOCs per threat
          • Monitoring of APT-related activity
      • Trends and Analysis:
          • The system can generate general cyber intelligence reports concerning trends and developments in the cyber-threat landscape
          • Trend detection and monitoring
          • Built-in search engine for data scraped off forums and other deep/dark web sources
          • The system can generate industry-specific intelligence reports concerning trends and developments in the cyber-threat landscape
          • Option for Ad-hoc reports, researches and papers upon request on different topics (Top used TTPs by specific threat actors, etc.)
      • Malware and Malicious infrastructure:
          • Automated malware analysis
          • Reverse engineering capability upon request
      • APT:
          • Detection and long term monitoring of APT campaigns
          • APT threat actor monitoring
          • Access to forums where APT-affiliated TAs participate
      • Indicators of Compromise:
          • Customized IOC generation
          • IOC prioritization
          • General IOC feeds for known threats
          • Commercial feeds
  • 30. 3. Security Integration & Automated Remediation
      • Internal:
          • Active Directory Credential Theft
          • Social Media Credential Leakage
          • Phishing Domain Monitoring & Blocking
      • Endpoint; Firewall; SIEM; Web Proxies and Email Gateways; Orchestration
  • 31. 3. Security Integration & Automated Remediation
      • External:
          • Malicious Mobile Application Takedown
          • Malicious Domain Takedown
          • Suspicious Social Media Page Takedown
          • Paste Site Takedown
      • 60+ Paste Sites; Safe Browsing Programs; Internet Registrars; Social Media; App Stores
  • 33. Question and Answer. Learn More About IntSights at www.intsights.com
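Slide 26 asks for detection of newly registered domains based on "common additions" and "common permutations" of company assets. The sketch below is an added example, not code from the presentation or from any vendor's product, showing what that check can look like on the monitoring side; the brand `examplebank`, the addition word list, the look-alike table and the feed are all constructed assumptions.

```python
# Added example: constructed data and an assumed word list, not any vendor's logic.
ADDITIONS = {"login", "secure", "support", "account", "verify", "portal"}
LOOKALIKES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e"), ("5", "s")]

def edit_distance(a, b):
    """Optimal string alignment: insert, delete, substitute, adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def fold(label):
    """Map look-alike characters back to the letters they imitate."""
    for fake, real in LOOKALIKES:
        label = label.replace(fake, real)
    return label

def classify(domain, brand):
    """Return a reason code if `domain` resembles `brand`, else None."""
    target = fold(brand)
    # Every label except the last (the TLD) is checked, so sub-domains count too.
    for label in domain.lower().rstrip(".").split(".")[:-1]:
        folded = fold(label)
        if label == brand:
            return "exact-label"
        if folded == target:
            return "lookalike"
        if target in folded:
            rest = folded.replace(target, "", 1).strip("-")
            return "addition" if rest in ADDITIONS else "embedded"
        if edit_distance(folded, target) == 1:
            return "permutation"
    return None

def scan(feed, brand, owned=()):
    """Flag feed entries that resemble the brand, skipping domains the company owns."""
    return {d: r for d in feed if d not in owned and (r := classify(d, brand))}

# Constructed sample feed of newly registered domains.
FEED = ["examplebank-login.com", "examp1ebank.com", "exampelbank.net",
        "examplebank.secure-host.org", "gardening-tips.org", "examplebank.com"]

if __name__ == "__main__":
    for domain, reason in scan(FEED, "examplebank", owned={"examplebank.com"}).items():
        print(f"{reason:12} {domain}")
```

Short brand names have many distance-1 neighbours, so the permutation rule needs an allowlist or a minimum label length before it is used for alerting.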