1
I'M STILL WORKING
FROM HOME
Christian.Ramos@rsa.com
Senior System Engineer Bolivia,
Ecuador & Perú
3
Internal Use - Confidential
MANAGING DIGITAL RISK
AMID DISRUPTION
Accelerate threat detection and response from the endpoint to the cloud
For Security Digital Transformation
Sonia.Cordova@rsa.com Gabriela.Valdivia@rsa.com
Territory Manager NOLA Sr SecurID Account Manager
MaryPaz.Castillo@rsa.com Christian.Ramos@rsa.com
Channels Mexico, CA, Caribe & NOLA Senior System Engineer Bolivia, Ecuador & Perú
4
DIGITAL
TRANSFORMATION
5
MODERNIZATION
Digital
Business
IoT
Social
Media
Cloud
Robotics
6
MODERNIZATION
Digital
Business
IoT
Social
Media
Cloud
Robotics
Hackers &
Malware
Vulnerabilities
Phishing
MALICE
7
MODERNIZATION
MALICE
MANDATES
Digital
Business
IoT
Social
Media
Cloud
Robotics
Hackers &
Malware
Vulnerabilities
Phishing
Regulatory
Change
Corporate
Governance
GDPR
Privacy
8
DIGITAL TRANSFORMATION
SUSTAINABILITY. GROWTH. EFFICIENCY.
Objective: Add value to every component of the business process, consistent with the overall strategy.
Digital Transformation
The four trends:
• “Mobile devices are not just another platform, but the first one”
• The Cloud. “We will be able to define all of our infrastructure in software”
• Social. “The business wants to become part of the user's life, and that affects us”
• Big data. “On the IAM side we don't know what to do, because defining access controls is going to be complicated. Hence there needs to be some different kind of management”.
9
SUPPLY CHAIN
SECURITY
OPERATIONS
WORKFORCE
DISRUPTION
IoT
Robotics
Vulnerabilities
Phishing
Privacy
GDPR
Cloud
10
SECURITY
OPERATIONS
WORKFORCE
DISRUPTION
CONTAIN
ADAPT
ASSESS
SUSTAIN
Address
compliance changes
Manage risk
assessments
Address
heightened threats
Address cloud
threats
Manage vendor
ecosystem
(who, what, where, why)
Manage
continuity efforts
Manage vendor
disruption
(supply chain continuity)
Manage
identity threats
Expand remote
workforce securely
Ensure proper
data access
MANAGE PROCESS AUTOMATION RISK
MITIGATE CYBER ATTACK RISK
BUILD BUSINESS RESILIENCY
SECURE YOUR CLOUD TRANSFORMATION
EVOLVE DATA GOVERNANCE & PRIVACY
MANAGE THIRD PARTY RISK
MANAGE DYNAMIC WORKFORCE RISK
MODERNIZE YOUR COMPLIANCE PROGRAM
SUPPLY CHAIN
12
DIGITAL
TRANSFORMATION
VISIBILITY
ACTION
INSIGHT
DIGITAL
RISK MANAGEMENT
RISK
MANAGEMENT
IT SECURITY
13
Understand & Respond
to Cyber-Threats
Evolve
Security & Risk
Manage Complex
Regulatory Landscape
MANAGE DYNAMIC
WORKFORCE RISK
MANAGE PROCESS
AUTOMATION RISK
SECURE YOUR CLOUD
TRANSFORMATION
MODERNIZE YOUR
COMPLIANCE PROGRAM
BUILD BUSINESS
RESILIENCY
MANAGE THIRD
PARTY RISK
EVOLVE DATA
GOVERNANCE & PRIVACY
MITIGATE CYBER
ATTACK RISK
DIGITAL
RISK MANAGEMENT
14
RSA PORTFOLIO
Single, Unified Solution To
Detect And Respond To Evolving Threats
• NetWitness Logs
• NetWitness Network
• NetWitness Endpoint
• NetWitness Cyber Incident and Breach Response
• NetWitness User and Entity Behavior Analytics
• NetWitness Orchestrator
Accelerate Business While You
Mitigate Identity Risk
• SecurID – Authentication Manager
• SecurID Access – MFA
• Identity Governance & Lifecycle
Centralized Cross Channel Fraud For
Unified Detection And Mitigation
• Fraud Action
• Adaptive Authentication
• Adaptive Authentication for Ecommerce
Proven Business Risk Management
Suite To Confidently
• IT Security & Risk
• Enterprise & Operational Risk
• 3rd Party Governance
• Business Resiliency
• Public Sector
• Audit Management
• Regulatory & Corporate Compliance
15
Fraud Prevention
& Mitigation
Identity
Management
Risk
Management
Identify, Monitor,
Detection, Prevention,
Respond, Restore?
IT SECURITY JOURNEY
16
WHAT IS YOUR MANTRA IN IT SECURITY?
17
ATTACKERS TAKE ADVANTAGE OF CHALLENGES
TO TURN COMPROMISES INTO BREACHES
Minutes Hours Days Weeks Months
Breach
Detected
Breach
Detected
3rd Party
Detection
compromised in MINUTES
82%
of exfiltration occurred in DAYS
99%
discovered in MONTHS
64%
Spear Phishing
Attack
Malware
Installed
Initial Compromise
Communicate to
External Server
(C2)
Breach
Lateral
Movement
Discover
Critical Assets
Data
Exfiltration
18
TRADITIONAL METHODS WON’T PROTECT YOU
“Traditional defense-in-depth components are still necessary, but are no longer sufficient
in protecting against advanced targeted attacks and advanced malware” – Gartner
Source: Gartner’s “Five Styles of Advanced Threat Defense”
Network Traffic Analysis
Style 1
Payload Analysis
Style 3
Endpoint Behavior Analysis
Style 4
Network Forensics
Style 2
Endpoint Forensics
Style 5
Where
to Look
Network
Payload
Endpoint
Time
SIEM
NBA – NTA - NFA
EDR
19
VPN
20
EVOLUTION OF THREAT ACTORS & DETECTION
IMPLICATIONS
Firewall
IDS/IPS
Antivirus
Antimalware
Correlator
SIEM
TRADITIONAL
SECURITY LAYER
Visibility
of the NETWORK
Visibility
of the ENDPOINT
Operational
Technologies
Information
Technologies
INFORMATION
TARGET
INFRASTRUCTURE
ADVANCED
SECURITY LAYER
UNMONITORED
WHITE SPACE
ATTACKERS
21
Detect Respond
Network
RSA NetWitness
Endpoint
Logs
Orchestration
Endpoint
Logs
Network
RSA Advanced
Cyber Defense
RSA Incident
Response
RSA Professional
Services
Threat Intelligence (Live)
RSA ADVANCED SOC SOLUTIONS
22
METADATA
It’s the story behind the data
x.x.x.x 10.0.0.1 TCP/80
10.0.0.1 y.y.y.y UDP/53
China
Web
Server
Tor
Node
HTTP Post
no Get
Base64
Encoded
Payload
Encrypted
Zip File
Apache
runs
PowerShell
Command
line with Zip
Password
Payload is
FTP
Logs
Threat Intel
Network
Endpoint
In a single interface, at capture time
23
RSA NETWITNESS UEBA
BEHAVIOURAL
ANALYTICS
SMART Alerts around specific
use cases- e.g. Data exfiltration
Context around detected risks-
which user, what time / activity?
Investigation of each detected
alert anomaly
RSA NETWITNESS
LOGS
BEHAVIORAL
ANALYTICS
UNIQUE UNSUPERVISED
3 STAGE MACHINE LEARNING
OUTCOME
24
ANALYZING LOGON ACTIVITY - EXAMPLE
3,009
Indicators
56 Alerts
37
High Risk
Users
~1.6B Logon Events
7
Indicators
Abnormal Logon Time
Abnormal Source Computer
Abnormal Destination Computer
Multiple Successful Authentication
Multiple Failed Authentications
Multiple Source Computers
Multiple Destination Computers
Windows
Logons
(4624)
2 Months
5,000 AD users
1
Input
Source
Interactive Logons
4
Alerts
Brute Force
Authentication
Non-Standard
Hours
User Login to
Abnormal Computer
User Logins to
Multiple Hosts
25
CONNECTING THE DOTS. LITERALLY.
EFFECTIVE ANOMALY DETECTION IN ACTION
User: Randall S. Anderson
Raw events
Threat Indicators
Correlated alert with scoring
27
CONNECTING THE DOTS. LITERALLY.
EFFECTIVE ANOMALY DETECTION IN ACTION
User: Randall S. Anderson
Raw events
Threat Indicators
Correlated alerts with scoring
Alert Score = 15
28
VISUALIZING HOW UEBA WORKS
WITH EXISTING RSA NETWITNESS LOGS
Data from Existing RSA
NetWitness Deployment
Creates baseline of normal
behavior
UEBA
Monitors Indicators /
Continues to Collect Data
Indicator 1 Indicator 2
Indicator 3 Indicator 4
Anomalies Detected
Anomalies Grouped Together
Uniqueness: High
Severity: High
29
SUPERVISED VS. UNSUPERVISED MACHINE
LEARNING
Supervised Machine
Learning
Item Attribute 1 Attribute 2
Large Red
Medium Red
Small Red
Large Green
Medium Green
Small Green
Large Blue
Medium Blue
Small Blue
Large Yellow
Medium Yellow
Small Yellow
?
• Administrator has to label data types
• The system tries to decide what to do based on learned labels when data comes in
30
ORCHESTRATION & AUTOMATION
Gartner defines security orchestration, automation and response, or SOAR, as
technologies that enable organizations
• ORCHESTRATION [to collect security threats data and alerts from different sources, where
incident analysis and triage can be performed leveraging a combination of human and
machine power]
• AUTOMATION [to help define, prioritize and drive standardized incident response activities
according to a standard workflow.]
SOAR tools allow an organization to define incident analysis and response procedures (aka
plays in a security operations playbook) in a digital workflow format, such that a range of
machine-driven activities can be automated.
31
RSA NETWITNESS ORCHESTRATOR
AUTHENTICATION
DATA ENRICHMENT
VULNERABILITY
SIEM
THREAT
INTEL
NETWORK
FORENSICS
ANALYTICS
BYOI
CASE MANAGEMENT
ALERTS
/INCIDENTS
COLLABORATION
USER/ENTITY
RESPONSE
ACTION
MACHINE
LEARNING
CASE
MANAGEMENT
AUTOMATED
PLAYBOOKS
32
EMPOWER ANALYSTS WITH RISK & AUTOMATION
RSA NetWitness v11 Respond enables Essential
Incident Management actions for a SOC
RSA NetWitness Orchestrator enables
Advanced Incident Orchestration &
Automation Needs
RSA Archer Cyber Incident &
Breach Response enables a Business
response to declared Security Incidents
45
INNOVATION TRUST LEADERSHIP ECOSYSTEM
IoT
Robotics
Vulnerabilities
Corporate
Governance
Privacy
GDPR
Cloud
Digital Business
Regulatory
Change
Hackers
& Malware
• Encryption
• Authentication
• Fraud Risk Engine
• SIEM/SOAR
• Integrated Risk Management
• 35+ years
• 12,500+ customers
• 50M+ identities
• 2B consumers
• 94% of the Fortune 500
• Recognized leadership by analyst firms
• Industry leading events and thought leadership
• Expertise, guided by proven frameworks
• 700+ practitioners
• 400+ global partners
• 1100+ product integrations
• Robust customer community
WHY RSA
DETECT AND INVESTIGATE ADVANCED THREATS

Mais conteúdo relacionado

Mais procurados

Empowering Digital Transformation in Financial Services
Empowering Digital Transformation in Financial ServicesEmpowering Digital Transformation in Financial Services
Empowering Digital Transformation in Financial ServicesCristian Garcia G.
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security GovernancePriyanka Aash
 
Seguridad: Realidad o Ficción: Control y Seguridad en sus Aplicaciones F5
Seguridad: Realidad o Ficción: Control y Seguridad en sus Aplicaciones F5Seguridad: Realidad o Ficción: Control y Seguridad en sus Aplicaciones F5
Seguridad: Realidad o Ficción: Control y Seguridad en sus Aplicaciones F5Cristian Garcia G.
 
Ict 2015 saga - cisco cybersecurity rešenja- Viktor Varga
Ict 2015   saga - cisco cybersecurity rešenja- Viktor VargaIct 2015   saga - cisco cybersecurity rešenja- Viktor Varga
Ict 2015 saga - cisco cybersecurity rešenja- Viktor VargaDejan Jeremic
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3Shawn Croswell
 
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber ResilienceISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber ResilienceShah Sheikh
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company PresentationShah Sheikh
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectionSymantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectioninfoLock Technologies
 
DTS Solution - Red Team - Penetration Testing
DTS Solution - Red Team - Penetration TestingDTS Solution - Red Team - Penetration Testing
DTS Solution - Red Team - Penetration TestingShah Sheikh
 
Ascendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityAscendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityCristian Garcia G.
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Shah Sheikh
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoCristian Garcia G.
 
Seguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataSeguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataCristian Garcia G.
 
BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA? ; INTELIGENCIA Y COLABORACIÓN LA ...
BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA?  ; INTELIGENCIA Y COLABORACIÓN LA ...BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA?  ; INTELIGENCIA Y COLABORACIÓN LA ...
BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA? ; INTELIGENCIA Y COLABORACIÓN LA ...Cristian Garcia G.
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Reduciendo su riesgo cibernético midiendo su Cyber Exposure
Reduciendo su riesgo cibernético midiendo su Cyber Exposure Reduciendo su riesgo cibernético midiendo su Cyber Exposure
Reduciendo su riesgo cibernético midiendo su Cyber Exposure Cristian Garcia G.
 
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleWalk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleEnterpriseGRC Solutions, Inc.
 
Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...
Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...
Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...Cristian Garcia G.
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company PresentationShah Sheikh
 

Mais procurados (20)

Empowering Digital Transformation in Financial Services
Empowering Digital Transformation in Financial ServicesEmpowering Digital Transformation in Financial Services
Empowering Digital Transformation in Financial Services
 
Cyber Security Governance
Cyber Security GovernanceCyber Security Governance
Cyber Security Governance
 
Seguridad: Realidad o Ficción: Control y Seguridad en sus Aplicaciones F5
Seguridad: Realidad o Ficción: Control y Seguridad en sus Aplicaciones F5Seguridad: Realidad o Ficción: Control y Seguridad en sus Aplicaciones F5
Seguridad: Realidad o Ficción: Control y Seguridad en sus Aplicaciones F5
 
El Futuro de la Cibersegu
El Futuro de la CiberseguEl Futuro de la Cibersegu
El Futuro de la Cibersegu
 
Ict 2015 saga - cisco cybersecurity rešenja- Viktor Varga
Ict 2015   saga - cisco cybersecurity rešenja- Viktor VargaIct 2015   saga - cisco cybersecurity rešenja- Viktor Varga
Ict 2015 saga - cisco cybersecurity rešenja- Viktor Varga
 
kill-chain-presentation-v3
kill-chain-presentation-v3kill-chain-presentation-v3
kill-chain-presentation-v3
 
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber ResilienceISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
 
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat ProtectionSymantec Cyber Security Solutions | MSS and Advanced Threat Protection
Symantec Cyber Security Solutions | MSS and Advanced Threat Protection
 
DTS Solution - Red Team - Penetration Testing
DTS Solution - Red Team - Penetration TestingDTS Solution - Red Team - Penetration Testing
DTS Solution - Red Team - Penetration Testing
 
Ascendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber SecurityAscendiendo a la GEN V de Cyber Security
Ascendiendo a la GEN V de Cyber Security
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
 
Seguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable DataSeguridad en Capas: Smart & Actionable Data
Seguridad en Capas: Smart & Actionable Data
 
BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA? ; INTELIGENCIA Y COLABORACIÓN LA ...
BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA?  ; INTELIGENCIA Y COLABORACIÓN LA ...BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA?  ; INTELIGENCIA Y COLABORACIÓN LA ...
BUSCAS UNA SEGURIDAD INTEGRADA Y DINÁMICA? ; INTELIGENCIA Y COLABORACIÓN LA ...
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
Reduciendo su riesgo cibernético midiendo su Cyber Exposure
Reduciendo su riesgo cibernético midiendo su Cyber Exposure Reduciendo su riesgo cibernético midiendo su Cyber Exposure
Reduciendo su riesgo cibernético midiendo su Cyber Exposure
 
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 ruleWalk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
Walk This Way: CIS CSC and NIST CSF is the 80 in the 80/20 rule
 
Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...
Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...
Últimos retos en el ámbito de la Ciberseguridad: Análisis de amenazas Ciberné...
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
 

Semelhante a DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS

Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Infosec 2014: Intelligence as a Service: The Future of Frontline Security
Infosec 2014: Intelligence as a Service: The Future of Frontline SecurityInfosec 2014: Intelligence as a Service: The Future of Frontline Security
Infosec 2014: Intelligence as a Service: The Future of Frontline SecuritySkybox Security
 
Kaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky
 
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityCisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityNetworkCollaborators
 
Best Practices for Scoping Infections and Disrupting Breaches
Best Practices for Scoping Infections and Disrupting BreachesBest Practices for Scoping Infections and Disrupting Breaches
Best Practices for Scoping Infections and Disrupting BreachesSplunk
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementPriyanka Aash
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementPriyanka Aash
 
Cognitive security
Cognitive securityCognitive security
Cognitive securityIqra khalil
 
Whitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security IntelligenceWhitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security IntelligenceCamilo Fandiño Gómez
 
Haystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax Technology
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityMarketingArrowECS_CZ
 
Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...
Criminal IP ASM | Threat Intelligence-based  Automated Attack Surface Managem...Criminal IP ASM | Threat Intelligence-based  Automated Attack Surface Managem...
Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...Criminal IP
 
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0James Perry, Jr.
 
2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public SectorScott Geye
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksAngeloluca Barba
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...James Anderson
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 

Semelhante a DETECTE E INVESTIGUE LAS AMENAZAS AVANZADAS (20)

Be the Hunter
Be the Hunter Be the Hunter
Be the Hunter
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Infosec 2014: Intelligence as a Service: The Future of Frontline Security
Infosec 2014: Intelligence as a Service: The Future of Frontline SecurityInfosec 2014: Intelligence as a Service: The Future of Frontline Security
Infosec 2014: Intelligence as a Service: The Future of Frontline Security
 
Kaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise PortfolioKaspersky Lab new Enterprise Portfolio
Kaspersky Lab new Enterprise Portfolio
 
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive securityCisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
Cisco Connect 2018 Malaysia - Risk less, achieve more with proactive security
 
Best Practices for Scoping Infections and Disrupting Breaches
Best Practices for Scoping Infections and Disrupting BreachesBest Practices for Scoping Infections and Disrupting Breaches
Best Practices for Scoping Infections and Disrupting Breaches
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk Management
 
Bridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk ManagementBridging the Gap Between Threat Intelligence and Risk Management
Bridging the Gap Between Threat Intelligence and Risk Management
 
Cognitive security
Cognitive securityCognitive security
Cognitive security
 
Whitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security IntelligenceWhitepaper IBM Qradar Security Intelligence
Whitepaper IBM Qradar Security Intelligence
 
Haystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence PlatformHaystax: Actionable Intelligence Platform
Haystax: Actionable Intelligence Platform
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
 
Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...
Criminal IP ASM | Threat Intelligence-based  Automated Attack Surface Managem...Criminal IP ASM | Threat Intelligence-based  Automated Attack Surface Managem...
Criminal IP ASM | Threat Intelligence-based Automated Attack Surface Managem...
 
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
NetSecurity_ThreatResponder(r)_Capability_Brief_021116_Rev0
 
2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector2016 - Cyber Security for the Public Sector
2016 - Cyber Security for the Public Sector
 
CCA study group
CCA study groupCCA study group
CCA study group
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
GDG Cloud Southlake #4 Biodun Awojobi and Wade Walters Security Programs and ...
 
Haystax Technology - About Us
Haystax Technology - About UsHaystax Technology - About Us
Haystax Technology - About Us
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 

Mais de Cristian Garcia G.

Making App Security and Delivery Ridiculously Easy
Making App Security and Delivery Ridiculously EasyMaking App Security and Delivery Ridiculously Easy
Making App Security and Delivery Ridiculously EasyCristian Garcia G.
 
Ciberseguridad Alineada al Negocio
Ciberseguridad Alineada al NegocioCiberseguridad Alineada al Negocio
Ciberseguridad Alineada al NegocioCristian Garcia G.
 
Reducción efectiva del riesgo de ciberseguridad
Reducción efectiva del riesgo de ciberseguridadReducción efectiva del riesgo de ciberseguridad
Reducción efectiva del riesgo de ciberseguridadCristian Garcia G.
 
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio. Operación Segura : SOC y alineación del riesgo con el impacto para el negocio.
Operación Segura : SOC y alineación del riesgo con el impacto para el negocio. Cristian Garcia G.
 
Ciberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IACiberseguridad en el mundo de la IA
Ciberseguridad en el mundo de la IACristian Garcia G.
 
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)Optimización en la detección de amenazas utilizando analítica (IA/UEBA)
Optimización en la detección de amenazas utilizando analítica (IA/UEBA)Cristian Garcia G.
 
Protección de los datos en la era Post-Datacenter
Protección de los datos en la era Post-DatacenterProtección de los datos en la era Post-Datacenter
Protección de los datos en la era Post-DatacenterCristian Garcia G.
 
La Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
La Ciberseguridad como pilar fundamental del Desarrollo TecnológicoLa Ciberseguridad como pilar fundamental del Desarrollo Tecnológico
La Ciberseguridad como pilar fundamental del Desarrollo TecnológicoCristian Garcia G.
 
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...
Simplificando la seguridad en entornos de nube híbridos con el Security Fabri...Cristian Garcia G.
 
Cómo la gestión de privilegios puede blindar su negocio contra ransomware y o...
DETECT AND INVESTIGATE ADVANCED THREATS

  • 1. I'M STILL WORKING FROM HOME. Christian.Ramos@rsa.com, Senior System Engineer Bolivia, Ecuador & Perú
  • 2. Internal Use - Confidential. MANAGING DIGITAL RISK AMID DISRUPTION. Accelerate threat detection and response from the endpoint to the cloud. For Security Digital Transformation. Sonia.Cordova@rsa.com (Territory Manager NOLA); Gabriela.Valdivia@rsa.com (Sr SecurID Account Manager); MaryPaz.Castillo@rsa.com (Channels Mexico, CA, Caribe & NOLA); Christian.Ramos@rsa.com (Senior System Engineer Bolivia, Ecuador & Perú)
  • 7. DIGITAL TRANSFORMATION. SUSTAINABILITY. GROWTH. EFFICIENCY. Objective: add value in every component of the business process, consistently with the overall strategy. Digital Transformation, the four trends: "Mobile devices are not just another platform, but the first one"; The Cloud. "We are going to be able to define all our infrastructure through software"; Social. "The business wants to become part of the user's life, and that affects us"; Big data. "On the IAM side we don't know what to do, because defining access controls is going to be complicated. Hence there needs to be some different kind of management".
  • 8. SUPPLY CHAIN, SECURITY OPERATIONS, WORKFORCE. DISRUPTION: IoT, Robotics, Vulnerabilities, Phishing, Privacy, GDPR, Cloud
  • 9. SECURITY OPERATIONS, WORKFORCE, SUPPLY CHAIN. DISRUPTION: CONTAIN, ADAPT, ASSESS, SUSTAIN. Address compliance changes; Manage risk assessments; Address heightened threats; Address cloud threats; Manage vendor ecosystem (who, what, where, why); Manage continuity efforts; Manage vendor disruption (supply chain continuity); Manage identity threats; Expand remote workforce securely; Ensure proper data access. MANAGE PROCESS AUTOMATION RISK; MITIGATE CYBER ATTACK RISK; BUILD BUSINESS RESILIENCY; SECURE YOUR CLOUD TRANSFORMATION; EVOLVE DATA GOVERNANCE & PRIVACY; MANAGE THIRD PARTY RISK; MANAGE DYNAMIC WORKFORCE RISK; MODERNIZE YOUR COMPLIANCE PROGRAM
  • 10. DIGITAL TRANSFORMATION. VISIBILITY, ACTION, INSIGHT. DIGITAL RISK MANAGEMENT: RISK MANAGEMENT, IT SECURITY
  • 11. Understand & Respond to Cyber-Threats; Evolve Security & Risk; Manage Complex Regulatory Landscape. MANAGE DYNAMIC WORKFORCE RISK; MANAGE PROCESS AUTOMATION RISK; SECURE YOUR CLOUD TRANSFORMATION; MODERNIZE YOUR COMPLIANCE PROGRAM; BUILD BUSINESS RESILIENCY; MANAGE THIRD PARTY RISK; EVOLVE DATA GOVERNANCE & PRIVACY; MITIGATE CYBER ATTACK RISK. DIGITAL RISK MANAGEMENT
  • 12. RSA PORTFOLIO. Single, Unified Solution To Detect And Respond To Evolving Threats: NetWitness Logs; NetWitness Network; NetWitness Endpoint; NetWitness Cyber Incident and Breach Response; NetWitness User and Entity Behavior Analytics; NetWitness Orchestrator. Accelerate Business While You Mitigate Identity Risk: SecurID – Authentication Manager; SecurID Access – MFA; Identity Governance & Lifecycle. Centralized Cross Channel Fraud For Unified Detection And Mitigation: Fraud Action; Adaptive Authentication; Adaptive Authentication for Ecommerce. Proven Business Risk Management Suite To Confidently: IT Security & Risk; Enterprise & Operational Risk; 3rd Party Governance; Business Resiliency; Public Sector; Audit Management; Regulatory & Corporate Compliance
  • 13. Fraud Prevention & Mitigation; Identity Management; Risk Management. Identify, Monitor, Detection, Prevention, Respond, Restore? IT SECURITY JOURNEY
  • 14. WHAT IS YOUR MANTRA IN IT SECURITY?
  • 15. ATTACKERS TAKE ADVANTAGE OF CHALLENGES TO TURN COMPROMISES INTO BREACHES. Timeline: Minutes, Hours, Days, Weeks, Months. Breach Detected; Breach Detected; 3rd Party Detection. compromised in MINUTES 82% of exfiltration occurred in DAYS 99% discovered in MONTHS 64%. Spear Phishing Attack; Malware Installed; Initial Compromise; Communicate to External Server (C2); Breach; Lateral Movement; Discover Critical Assets; Data Exfiltration
  • 16. TRADITIONAL METHODS WON'T PROTECT YOU. "Traditional defense-in-depth components are still necessary, but are no longer sufficient in protecting against advanced targeted attacks and advanced malware" – Gartner. Source: Gartner's "Five Styles of Advanced Threat Defense". Style 1: Network Traffic Analysis; Style 2: Network Forensics; Style 3: Payload Analysis; Style 4: Endpoint Behavior Analysis; Style 5: Endpoint Forensics. Where to Look: Network, Payload, Endpoint. Time. SIEM; NBA – NTA - NFA; EDR
  • 18. EVOLUTION OF THREAT ACTORS & DETECTION IMPLICATIONS. TRADITIONAL SECURITY LAYER: Firewall, IDS/IPS, Antivirus, Antimalware, SIEM Correlator. NETWORK visibility; ENDPOINT visibility. Operational Technologies; Information Technologies. TARGET INFORMATION. INFRASTRUCTURE. ADVANCED SECURITY LAYER. UNMONITORED WHITE SPACE. ATTACKERS
  • 19. RSA ADVANCED SOC SOLUTIONS. Detect, Respond. RSA NetWitness: Network, Endpoint, Logs, Orchestration. Endpoint, Logs, Network. RSA Advanced Cyber Defense; RSA Incident Response; RSA Professional Services; Threat Intelligence (Live)
  • 20. METADATA. It's the story behind the data. x.x.x.x, 10.0.0.1, TCP/80; 10.0.0.1, y.y.y.y, UDP/53. China; Web Server; Tor Node; HTTP Post no Get; Base64 Encoded Payload; Encrypted Zip File; Apache runs PowerShell; Command line with Zip Password; Payload is FTP. Logs, Threat Intel, Network, Endpoint: in a single interface, at capture time
  • 21. RSA NETWITNESS UEBA BEHAVIOURAL ANALYTICS. SMART Alerts around specific use cases, e.g. data exfiltration; Context around detected risks: which user, what time / activity?; Investigation of each detected alert anomaly. RSA NETWITNESS LOGS BEHAVIORAL ANALYTICS. UNIQUE UNSUPERVISED 3 STAGE MACHINE LEARNING. OUTCOME
  • 22. ANALYZING LOGON ACTIVITY - EXAMPLE. 3,009 Indicators; 56 Alerts; 37 High Risk Users; ~1.6B Logon Events. 7 Indicators: Abnormal Logon Time; Abnormal Source Computer; Abnormal Destination Computer; Multiple Successful Authentication; Multiple Failed Authentications; Multiple Source Computers; Multiple Destination Computers. Windows Logons (4624); 2 Months; 5,000 AD users; 1 Input Source; Interactive Logons. 4 Alerts: Brute Force Authentication; Non-Standard Hours; User Login to Abnormal Computer; User Logins to Multiple Hosts
  • 23. CONNECTING THE DOTS. LITERALLY. EFFECTIVE ANOMALY DETECTION IN ACTION. User: Randall S. Anderson. Raw events; Threat Indicators; Correlated alert with scoring
  • 24. CONNECTING THE DOTS. LITERALLY. EFFECTIVE ANOMALY DETECTION IN ACTION. User: Randall S. Anderson. Raw events; Threat Indicators; Correlated alert with scoring
  • 25. CONNECTING THE DOTS. LITERALLY. EFFECTIVE ANOMALY DETECTION IN ACTION. User: Randall S. Anderson. Raw events; Threat Indicators; Correlated alerts with scoring; Alert Score = 15
  • 26. CONFIDENTIAL. VISUALIZING HOW UEBA WORKS WITH EXISTING RSA NETWITNESS LOGS. Data from Existing RSA NetWitness Deployment; Creates baseline of normal behavior; UEBA Monitors Indicators / Continues to Collect Data; Indicator 1, Indicator 2, Indicator 3, Indicator 4; Anomalies Detected; Anomalies Grouped Together; Uniqueness: High; Severity: High
  • 27. SUPERVISED VS. UNSUPERVISED MACHINE LEARNING. Supervised Machine Learning. Item (Attribute 1, Attribute 2): Large, Red; Medium, Red; Small, Red; Large, Green; Medium, Green; Small, Green; Large, Blue; Medium, Blue; Small, Blue; Large, Yellow; Medium, Yellow; Small, Yellow; ? Administrator has to label data types. The system tries to decide what to do based on learned labels when data comes in
  • 28. ORCHESTRATION & AUTOMATION. Gartner defines security orchestration, automation and response, or SOAR, as technologies that enable organizations: ORCHESTRATION [to collect security threats data and alerts from different sources, where incident analysis and triage can be performed leveraging a combination of human and machine power]; AUTOMATION [to help define, prioritize and drive standardized incident response activities according to a standard workflow.] SOAR tools allow an organization to define incident analysis and response procedures (aka plays in a security operations playbook) in a digital workflow format, such that a range of machine-driven activities can be automated.
  • 29. RSA NETWITNESS ORCHESTRATOR. AUTHENTICATION; DATA ENRICHMENT; VULNERABILITY; SIEM; THREAT INTEL; NETWORK FORENSICS; ANALYTICS; BYOI; CASE MANAGEMENT; ALERTS / INCIDENTS; COLLABORATION; USER/ENTITY; RESPONSE ACTION; MACHINE LEARNING; CASE MANAGEMENT; AUTOMATED PLAYBOOKS
  • 30. EMPOWER ANALYSTS WITH RISK & AUTOMATION. RSA NetWitness v11 Respond enables Essential Incident Management actions for a SOC. RSA NetWitness Orchestrator enables Advanced Incident Orchestration & Automation Needs. RSA Archer Cyber Incident & Breach Response enables a Business response to declared Security Incidents
  • 31. INNOVATION, TRUST, LEADERSHIP, ECOSYSTEM. IoT; Robotics; Vulnerabilities; Corporate Governance; Privacy; GDPR; Cloud; Digital Business; Regulatory Change; Hackers & Malware. Encryption; Authentication; Fraud Risk Engine; SIEM/SOAR; Integrated Risk Management; 35+ years; 12,500+ customers; 50M+ identities; 2B consumers; 94% of the Fortune 500; Recognized leadership by analyst firms; Industry leading events and thought leadership; Expertise, guided by proven frameworks; 700+ practitioners; 400+ global partners; 1100+ product integrations; Robust customer community. WHY RSA