2. 2
What is “Security Monitoring?”
Most companies security measures consist of Malware
and SIEM software to look for data breaches on the
beginning, when they enter the system, and at the end,
when the hacker extracts the data.
What about here? In the
middle of the cycle once
it has breached your
system?
3. 3
What is Phishing?
Phishing is when a hacker
steals information about you
from
social/personal/professional
websites and uses that
information to send you a
personalized email embedded
with a link inviting you to click
through.
Once you click, your system
will be embedded with
malware or command-and-
control technology to take over
and crawl the system for more
valuable targets and
information
4. 4
What is Phishing?
The software continues to
exploit vulnerabilities in your
system as needed to gain
access to resources
Once the hacker has found
what its are looking for, the
software packages up the
valuable data and ex-
filtrates it
This attack can take days or
weeks and most go
unnoticed until they are long
gone
5. 5
Security: The Old Way
Malware
Security information and event
management solutions and
deep packet inspection
solutions focus on later stages
when data is being packaged
and ex-filtrated
Focused heavily on
identifying malware or
viruses to address initial
compromise stage
SIEM
6. 6
Security: The Old Way
Malware
Security information and event
management solutions and
deep packet inspection
solutions focus on later stages
when data is being packaged
and ex-filtrated
Focused heavily on
identifying malware or
viruses to address initial
compromise stage
What happens in
the middle?
SIEM
7. 7
Security: The New Needs
In the middle stages of an attack a hacker is gaining
undetected access to the rest of the companies IT
structure exploiting vulnerabilities and cracking
passwords to gain admin access to privileged systems
This lateral movement is where the need for identity and
access continuous monitoring live
Companies need improved IAM controls and continuous
monitoring to see users and their access at all times
8. 8
Real-Time Solutions:
Traditional IAM has been event driven (hire, fire,
transfer) or audit driven (few times a year) and is not
often enough to see what's happening in your system.
Identity analytics and intelligence enables you to
continuously monitor users and their access and clearly
see when users access departs from the norm, when
they gain privileged access, or when they have more
access than is warranted
9. 9
Real-Time Solutions:
Identity Analytics and Intelligence enables you to look at
particular users behavior in context of other factors such
as if behavior is typical of a user in that role, job title, or
geographic location
11. 11
Do you have Intelligent IAM?
Have you closed the loop on your security?
If you want to know where your risks are, contact
Courion for a free quick scan today and find out what
solutions would work for you.
Learn More>>