MAGNIFIER BEHAVIORAL ANALYTICS
Palo Alto Networks at a glance
• Founded in 2005; first customer shipment in 2007
• Around 50 customers in UK Higher Education
• More than 42,500 customers in 150+ countries
• FY17 $1.8B revenue, 28% YoY growth that significantly outpaced the industry
• Over 85 of the Fortune 100 and 60% of the Global 2000 rely on us
• Excellent global support, awarded by J.D. Power and TSIA
• Experienced team of nearly 5,000 employees
PALO ALTO NETWORKS PLATFORM
Network Security | Advanced Endpoint Protection | Cloud Security
Cloud-delivered security services: WildFire, Threat Prevention, URL Filtering, AutoFocus, Logging Service, Magnifier, MineMeld
SECURITY REFERENCE BLUEPRINT FOR HIGHER EDUCATION
Logging Service
NETWORK SECURITY LOGGING NEEDS
6 | © 2016, Palo Alto Networks. Confidential and Proprietary.
• Insights into network, apps, and user behavior: user behavior, cloud apps, network activity
• Scale logging infrastructure with changing business needs, e.g. increasing retention
• One place: a central repository for NGFW & Cloud Services logs
INTRODUCING LOGGING SERVICE
• Designed to collect and store large amounts of our high-value log data
• Leverages powerful, elastic cloud-based computing to provide visibility and insights on large amounts of data
• A centralized access point for the data of innovative apps in the Palo Alto Networks Application Framework
[Diagram: Logging Service scaling from 1TB to xTB, fed by Branch, Mobile and GlobalProtect Cloud Service]
LOGGING SERVICE – CURRENT SOURCES
[Diagram: sources feeding the Logging Service: Headquarter Data Center, Log Collector, Branch, Cloud, Endpoint]
LOGGING SERVICE BENEFITS
• Provides operational simplicity
• Reduces both work and guesswork from log management
• Improves business agility (new firewalls, acquisitions, new offices, etc.)
• Allows leveraging of the log data to enable innovative security capabilities
• Offers economic model of choice: pay for what you need, when you need it
A KEY COMPONENT OF THE APPLICATION FRAMEWORK
MAGNIFIER
SUCCESSFUL ATTACKS REQUIRE MULTIPLE STEPS
Disrupt every step to prevent successful cyberattacks
Attack lifecycle: Vulnerability Exploit → Malware Installation → Command and Control → Lateral Movement → Data Exfiltration
Some steps:
• Occur in seconds to minutes
• Involve a small number of network actions
• Can often be identified by IoCs
Other steps:
• Occur over days, weeks, or months
• Involve a large number of network actions
• Can rarely be identified by IoCs
DETECTION AND RESPONSE MUST BE DIFFERENT
• Attackers must perform thousands of actions to achieve their objective
• Each individual action may look innocent
By profiling behavior, organizations can detect the behavioral changes that attackers cannot conceal
Attack lifecycle: Vulnerability Exploit → Malware Installation → Command and Control → Lateral Movement → Data Exfiltration
Examples of behavioral changes along the lifecycle: connectivity rate change; repeated access to an unusual site; unusually large upload
STEALTHY THREATS THAT LEAD TO DATA BREACHES
[Chart: Time to Attack Discovery, share of breaches (0% to 60%) by discovery time from seconds to years; it takes months to discover attacks]
Sources: 2017 Verizon Data Breach Investigations Report; 2017 Cost of Cybercrime Study, Ponemon Institute
Targeted Attacks
• Multi-stage, manual attacks are the most financially devastating
• $3.62 million average cost of a breach
Risky Behavior
• 14% of data breaches caused by human error
• Risky behavior increases risk of malicious attacks
Malicious Insiders
• 25% of breaches involve insiders
Compromised Endpoints
• 51% of data breaches leverage already compromised machines
• $2.4 million average cost of malware per company
TODAY’S DETECTION AND RESPONSE DOESN’T WORK
Static Rules: manually-defined correlation rules
• Hard to develop and maintain
• False positives
Slow Investigations: repetitive processes, manual endpoint forensics
• Days or weeks to block threats
Wrong Data: inconsistent logs, mostly violations
• Collecting the right data requires deploying sensors and agents
Lack of Scale: not built for big data
• Cost-prohibitive to log necessary data
• Slow software release cycles
WHAT IS NEEDED
Rich Data: comprehensive network, endpoint and cloud data collected by existing infrastructure
Cloud Scale & Agility: cloud elasticity for data storage; rapid innovation
Machine Learning: machine learning to profile behavior and automatically detect attacks
Rapid Response: small number of actionable alerts; threat intelligence and endpoint analysis; firewall remediation
MAGNIFIER BEHAVIORAL ANALYTICS
[Diagram: data from network, endpoint and cloud logs & telemetry feeds Magnifier machine learning, delivered as one of the cloud-delivered security services]
• Analyze rich network, endpoint and cloud data with machine learning
• Accelerate investigations with endpoint analysis
• Gain scalability, agility and ease of deployment as a cloud-delivered app
HOW MAGNIFIER WORKS
[Diagram: campus network and data center with Next-Generation Firewalls and endpoints, a Pathfinder VM, and logs flowing through the Logging Service to Magnifier in the cloud data center]
Data collection: Next-Generation Firewalls in the campus and data center feed logs to the Logging Service
1. DETECT attacks based on rich network, endpoint, and cloud data
2. INVESTIGATE attacks fast with automated endpoint interrogation (Pathfinder VM)
3. RESPOND by blocking devices: access blocked by firewall
HOW MAGNIFIER DETECTS INTERNAL RECONNAISSANCE
§ Profiles devices, their types and their availability
§ Detects an unusual number of failed connections to nonexistent devices
  • Compared to past behavior
  • Compared to peer behavior
§ Shows other alerts for the device, helping conclude it’s a network scanner
By detecting behavioral anomalies rather than simply lots of connections, Magnifier generates fewer false positives
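The detection logic this slide describes, as an added toy example (not Magnifier's code): it profiles which destinations answered during a baseline window, counts each host's failed connections to destinations that never answered, and alerts only when a day's count is anomalous against both the host's own history and its peer group of the same device type. The log record fields, device types, sample hosts and the z-score threshold are all constructed assumptions.

```python
"""Toy behavioral detector for internal reconnaissance (constructed example).

Profile which devices exist (answered at least once in the baseline window),
count each host's failed connections to devices that do not exist, and alert
only when today's count is anomalous against BOTH the host's own history and
its peer group. A host that simply talks a lot to real servers is not flagged.
"""
from collections import defaultdict
from dataclasses import dataclass
from statistics import mean, pstdev


@dataclass(frozen=True)
class Conn:
    """One connection attempt as a firewall log would record it (fields are assumptions)."""
    day: int        # day index within the observation window
    src: str        # source host
    src_type: str   # device type used for peer grouping, e.g. "workstation"
    dst: str        # destination IP
    ok: bool        # True if the destination answered (session established)


def known_devices(conns, baseline_days):
    """Availability profile: destinations that answered at least once in the baseline."""
    return {c.dst for c in conns if c.day in baseline_days and c.ok}


def failed_to_unknown(conns, known):
    """Per (src, day): failed connections to destinations outside the availability profile."""
    counts = defaultdict(int)
    for c in conns:
        if not c.ok and c.dst not in known:
            counts[(c.src, c.day)] += 1
    return counts


def zscore(value, samples):
    """Standard score of value against samples; None when history is too thin to judge."""
    if len(samples) < 2:
        return None
    mu, sd = mean(samples), pstdev(samples)
    if sd == 0:                      # flat history: anything above it is an outlier
        return float("inf") if value > mu else 0.0
    return (value - mu) / sd


def detect(conns, baseline_days, eval_day, threshold=3.0):
    """Return alerts for hosts whose failed-to-unknown count on eval_day is anomalous."""
    baseline_days = list(baseline_days)
    known = known_devices(conns, baseline_days)
    counts = failed_to_unknown(conns, known)
    types = {c.src: c.src_type for c in conns}
    alerts = []
    for src, src_type in sorted(types.items()):
        today = counts.get((src, eval_day), 0)
        own_hist = [counts.get((src, d), 0) for d in baseline_days]
        peers = [p for p, t in types.items() if t == src_type and p != src]
        peer_hist = [counts.get((p, d), 0) for p in peers for d in baseline_days]
        scores = {"self_z": zscore(today, own_hist), "peer_z": zscore(today, peer_hist)}
        usable = [z for z in scores.values() if z is not None]
        # Alert only if every comparison we have data for agrees the count is unusual.
        if usable and all(z >= threshold for z in usable):
            alerts.append({"host": src, "failed_to_unknown": today, **scores})
    return alerts


def build_sample():
    """Constructed log: 7 baseline days plus day 7, when ws1 sweeps an empty subnet."""
    answering = ["10.8.1.20", "10.8.1.21", "10.8.1.22"]   # real servers
    conns = []
    for day in range(8):
        for ws in ("ws1", "ws2", "ws3"):
            conns += [Conn(day, ws, "workstation", d, True) for d in answering]
            # background noise: one or two failed attempts per day to an address nobody answers
            conns += [Conn(day, ws, "workstation", "10.8.1.99", False)] * (1 + day % 2)
        conns.append(Conn(day, "srv1", "server", answering[0], True))  # server with no peers
    # day 7: ws1 tries 40 addresses in a subnet with no hosts, every attempt failing
    conns += [Conn(7, "ws1", "workstation", f"10.8.2.{i}", False) for i in range(1, 41)]
    return conns


if __name__ == "__main__":
    for alert in detect(build_sample(), range(7), eval_day=7):
        print(alert)   # ws1 with 42 failed connections to nonexistent devices
```

In a real deployment the availability profile would come from the device inventory rather than only from observed replies, and known vulnerability scanners would be reviewed against their other alerts, as the slide notes, before being treated as hostile.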
MAGNIFIER WEB BASED ANALYST INTERFACE
HOW MAGNIFIER STOPS STEALTHY THREATS
Threats addressed: Targeted Attacks, Malicious Insiders, Risky Behavior, Compromised Endpoints
Automatic Detection, grouped as on the slide: (1) Spambot Behavior, Command and Control, Malware Behavior; (2) Large File Uploads, Remote Desktop Services; (3) New Administrative Behavior, Exfiltration; (4) Command and Control, Internal Reconnaissance, Remote Command Execution
Streamlined Investigation: actionable alerts with context of user, endpoint and process
Rapid Response: firewall remediation, blocking attack sources and malicious destinations
DETAILED CONTEXT TO SPEED UP INVESTIGATIONS
Application: HTTP (protocol); http://abc.com/p?i=2 (application context); response code 301; response size 20; abc.com (domain)
Network: 10.8.1.10 (source IP); 64.81.2.23 (destination IP); TCP/80 (destination port)
Host: DEV1 (hostname); 00:1b:17:05:2c:10 (MAC address)
User: gengel (user)
Process: co_afd.exe (executable); Malware (WildFire analysis)
MAGNIFIER PREREQUISITES
• 1000+ users in the main corporate network
• NGFW in the datacenter, inline or in tap mode, running PAN-OS 8.0.6+
• Panorama (required for Logging Service)
• Logging Service
IN SUMMARY
Reduce Risk: prevent costly breaches with
• Behavioral analytics built expressly for our rich network, cloud and endpoint data
• Machine learning at cloud scale
• Integrated threat analysis and rapid network-level response
Streamline Operations:
• Automate detection and accelerate response to free up analysts to focus on threats that matter
• Simplify deployment
• Avoid costly on-premise log storage
https://www.paloaltonetworks.com/resources/videos/magnifier
Palo Alto Networks - Magnifier

Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 

Último (20)

"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 

Palo Alto Networks - Magnifier

  • 10. A KEY COMPONENT OF THE APPLICATION FRAMEWORK
    MAGNIFIER
    THIS IS WORK IN PROGRESS. INTERNAL ONLY
  • 12. SUCCESSFUL ATTACKS REQUIRE MULTIPLE STEPS
    Disrupt every step to prevent successful cyberattacks.
    Attack lifecycle: Vulnerability Exploit → Malware Installation → Command and Control → Lateral Movement → Data Exfiltration
    Early stages of the lifecycle:
      • Occur in seconds to minutes
      • Involve a small number of network actions
      • Can often be identified by IoCs
    Later stages of the lifecycle:
      • Occur over days, weeks, or months
      • Involve a large number of network actions
      • Can rarely be identified by IoCs
  • 13. DETECTION AND RESPONSE MUST BE DIFFERENT
    • Attackers must perform thousands of actions to achieve their objective
    • Each individual action may look innocent
    By profiling behavior, organizations can detect the behavioral changes that attackers cannot conceal, for example:
      • Connectivity rate change
      • Repeated access to an unusual site
      • Unusually large upload
    (Lifecycle stages shown: Vulnerability Exploit, Malware Installation, Command and Control, Lateral Movement, Data Exfiltration)
  • 14. STEALTHY THREATS THAT LEAD TO DATA BREACHES
    [Chart: Time to Attack Discovery, share of breaches (0% to 60%) discovered within seconds, minutes, hours, days, weeks, months or years]
    And it takes months to discover attacks.
    • Targeted Attacks: multi-stage, manual attacks are the most financially devastating; $3.62 million average cost of a breach
    • Risky Behavior: 14% of data breaches caused by human error; risky behavior increases the risk of malicious attacks
    • Malicious Insiders: 25% of breaches involve insiders
    • Compromised Endpoints: 51% of data breaches leverage already compromised machines; $2.4 million average cost of malware per company
    Sources: 2017 Verizon Data Breach Investigations Report; 2017 Cost of Cybercrime Study, Ponemon Institute.
  • 15. TODAY'S DETECTION AND RESPONSE DOESN'T WORK
    • Static Rules: manually defined correlation rules are hard to develop and maintain, and produce false positives
    • Slow Investigations: repetitive processes and manual endpoint forensics mean days or weeks to block threats
    • Wrong Data: inconsistent logs, mostly violations; collecting the right data requires deploying sensors and agents
    • Lack of Scale: not built for big data; cost-prohibitive to log the necessary data; slow software release cycles
  • 16. WHAT IS NEEDED
    The four problems of current detection and response, each paired with what replaces it:
    • Static Rules → Machine Learning: machine learning to profile behavior and automatically detect attacks
    • Slow Investigations → Rapid Response: a small number of actionable alerts; threat intelligence and endpoint analysis; firewall remediation
    • Wrong Data → Rich Data: comprehensive network, endpoint and cloud data collected by existing infrastructure
    • Lack of Scale → Cloud Scale & Agility: cloud elasticity for data storage; rapid innovation
  • 17. MAGNIFIER BEHAVIORAL ANALYTICS
    Cloud-delivered security services: data from logs and telemetry (network, endpoint, cloud) feeds Magnifier machine learning.
    • Analyze rich network, endpoint and cloud data with machine learning
    • Accelerate investigations with endpoint analysis
    • Gain scalability, agility and ease of deployment as a cloud-delivered app
  • 18-20. HOW MAGNIFIER WORKS (one diagram built up over three slides)
    Components: Campus network and Data Center, each behind a Next-Generation Firewall; Endpoint; Pathfinder VM; Logging Service; Magnifier Cloud Data Center.
    1. DETECT attacks based on rich network, endpoint, and cloud data (data collected by the firewalls flows into the Logging Service and on to Magnifier)
    2. INVESTIGATE attacks fast with automated endpoint interrogation (the Pathfinder VM interrogates the suspect endpoint)
    3. RESPOND by blocking devices (access blocked by the firewall)
  • 21. HOW MAGNIFIER DETECTS INTERNAL RECONNAISSANCE
    • Profiles devices, their types and their availability
    • Detects an unusual number of failed connections to nonexistent devices, compared to the device's past behavior and compared to peer behavior
    • Shows other alerts for the device, helping conclude it is a network scanner
    By detecting behavioral anomalies rather than simply lots of connections, Magnifier generates fewer false positives.
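The detection the slide describes, as an added worked example (this is not Palo Alto Networks or Magnifier code): a source's failed connections to internal addresses that no device has ever answered are counted per day, then judged against that source's own history and against its peer group, so a monitoring server that sweeps a dark range every day stays quiet while a workstation that suddenly does the same raises an alert. The record layout, the rule that a completed session (end reason `tcp-fin`) proves a host exists, the peer-group tags, the thresholds and the log records themselves are assumptions constructed for the example.

```python
"""Internal-reconnaissance detection by behavioral baseline over constructed firewall logs.

Added example, not Palo Alto Networks code. Field names, the existence rule,
peer-group tags and thresholds are assumptions made for illustration.
"""
from collections import defaultdict
from statistics import mean, pstdev
from typing import Dict, Iterable, List, NamedTuple, Set, Tuple

INTERNAL_PREFIX = "10."          # assumed internal address space


class Flow(NamedTuple):
    day: int          # baseline days are negative, the day under analysis is 0
    src: str
    dst: str
    peer_group: str   # assumed inventory tag, e.g. "workstation" or "server"
    end_reason: str   # PAN-OS style session end reason, e.g. "tcp-fin", "aged-out"


def known_hosts(flows: Iterable[Flow]) -> Set[str]:
    """Internal addresses that completed at least one session: the devices that exist."""
    return {f.dst for f in flows
            if f.dst.startswith(INTERNAL_PREFIX) and f.end_reason == "tcp-fin"}


def failed_unknown_per_day(flows: Iterable[Flow], existing: Set[str]) -> Dict[str, Dict[int, int]]:
    """src -> day -> number of distinct internal addresses probed that never answered."""
    probed: Dict[Tuple[str, int], Set[str]] = defaultdict(set)
    for f in flows:
        if (f.dst.startswith(INTERNAL_PREFIX) and f.dst not in existing
                and f.end_reason != "tcp-fin"):
            probed[(f.src, f.day)].add(f.dst)
    counts: Dict[str, Dict[int, int]] = defaultdict(dict)
    for (src, day), dsts in probed.items():
        counts[src][day] = len(dsts)
    return counts


def detect_recon(baseline: List[Flow], current: List[Flow],
                 z_threshold: float = 3.0, peer_factor: float = 5.0) -> List[dict]:
    """Alert on sources whose day-0 count is anomalous against BOTH their own history and their peers."""
    existing = known_hosts(baseline)
    history = failed_unknown_per_day(baseline, existing)
    today = failed_unknown_per_day(current, existing)
    group_of = {f.src: f.peer_group for f in baseline + current}
    days = sorted({f.day for f in baseline})
    alerts = []
    for src, per_day in today.items():
        count = per_day.get(0, 0)
        own = [history.get(src, {}).get(d, 0) for d in days]
        peers = [history.get(p, {}).get(d, 0)
                 for p, g in group_of.items() if g == group_of[src] and p != src
                 for d in days]
        own_mu, own_sd = mean(own), pstdev(own)
        peer_mu = mean(peers) if peers else 0.0
        # Floor the spread at one host so a flat history cannot turn a single stray probe into an alert.
        own_anomalous = count > own_mu + z_threshold * max(own_sd, 1.0)
        peer_anomalous = count > peer_factor * max(peer_mu, 1.0)
        if own_anomalous and peer_anomalous:
            alerts.append({"src": src, "peer_group": group_of[src],
                           "failed_unknown_hosts": count,
                           "own_baseline_mean": own_mu, "peer_baseline_mean": peer_mu})
    return alerts


def constructed_logs() -> Tuple[List[Flow], List[Flow]]:
    """Constructed sample records, not real traffic. Baseline covers days -5..-1, current is day 0."""
    base: List[Flow] = []
    for day in range(-5, 0):
        for ws in ("10.1.1.10", "10.1.1.11"):               # two workstations use the file server
            base.append(Flow(day, ws, "10.1.2.20", "workstation", "tcp-fin"))
        if day % 2:                                          # 10.1.1.10 mistypes an address on odd days
            base.append(Flow(day, "10.1.1.10", "10.1.9.99", "workstation", "aged-out"))
        for n in range(1, 41):                               # a monitoring server sweeps a dark range daily
            base.append(Flow(day, "10.1.2.5", f"10.1.3.{n}", "server", "aged-out"))
    cur = [Flow(0, "10.1.1.11", "10.1.2.20", "workstation", "tcp-fin"),
           # closed port on a host that exists: not reconnaissance evidence under this rule
           Flow(0, "10.1.1.11", "10.1.2.20", "workstation", "tcp-rst-from-server")]
    cur += [Flow(0, "10.1.2.5", f"10.1.3.{n}", "server", "aged-out") for n in range(1, 43)]
    cur += [Flow(0, "10.1.1.10", f"10.1.3.{n}", "workstation", "aged-out") for n in range(1, 61)]
    return base, cur


if __name__ == "__main__":
    base, cur = constructed_logs()
    for alert in detect_recon(base, cur):
        print(alert)
```

Run stand-alone, the only alert is for 10.1.1.10 (60 unanswered internal hosts against a baseline of roughly one mistyped address per day and peers with none). The monitoring server 10.1.2.5 probes 42 dark addresses on day 0 but is not flagged, because that is within its own daily pattern of 40: the slide's point that counting connections alone would produce a false positive here, while comparing against the device's own history does not.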
  • 22. MAGNIFIER WEB BASED ANALYST INTERFACE (screenshot)
  • 23. MAGNIFIER WEB BASED ANALYST INTERFACE
  • 24. HOW MAGNIFIER STOPS STEALTHY THREATS
    Threat categories: Targeted Attacks, Malicious Insiders, Risky Behavior, Compromised Endpoints
    Detections shown across those categories: Command and Control, Internal Reconnaissance, Remote Command Execution; Spambot Behavior, Malware Behavior; Large File Uploads, Remote Desktop Services; New Administrative Behavior, Exfiltration
    • Automatic Detection
    • Streamlined Investigation: actionable alerts with context of user, endpoint and process
    • Rapid Response: firewall remediation to block attack sources and block malicious destinations
  • 25. DETAILED CONTEXT TO SPEED UP INVESTIGATIONS
    Context attached to an alert (example values from the slide):
    • Application: HTTP protocol; URL http://abc.com/p?i=2; response code 301; response size 20; domain abc.com
    • Network: source IP 10.8.1.10; destination IP 64.81.2.23; destination port TCP/80
    • Host: hostname DEV1; MAC address 00:1b:17:05:2c:10
    • User: gengel
    • Process: executable co_afd.exe; WildFire analysis verdict: Malware
  • 26. MAGNIFIER PREREQUISITES
    • 1000+ users in the main corporate network
    • NGFW in the data center, inline or in tap mode, running PAN-OS 8.0.6+
    • Panorama (required for Logging Service)
    • Logging Service
  • 27. IN SUMMARY
    Reduce Risk. Prevent costly breaches with:
    • Behavioral analytics built expressly for our rich network, cloud and endpoint data
    • Machine learning at cloud scale
    • Integrated threat analysis and rapid network-level response
    Streamline Operations:
    • Automate detection and accelerate response to free up analysts to focus on the threats that matter
    • Simplify deployment
    • Avoid costly on-premises log storage
    https://www.paloaltonetworks.com/resources/videos/magnifier