Webinar - Feel Secure with revolutionary OTM Solution


Learn how you can adopt the best security mechanisms, which leverage an unmatched combination of behavioral analysis, machine learning & dynamic threat intelligence to deliver comprehensive, rich visibility, holistic threat detection & containment of threats in real time.

  1. FEEL SECURE with revolutionary OTM Solution – Panel Discussion
     Lalit Shinde, Head of Strategic Partnerships, Seceon
     Webinar, 16th Nov, 2017
  2. Changing Landscape of Cyber Security Attacks
     • Sophistication of attacks
     • Quick proliferation of attacks
     • Continually evolving technologies
     “There are two kinds of organizations: Those who’ve been hacked and know it, and those who’ve been hacked and don’t know it” – Chad Fulgham, former CIO of FBI
  3. Legacy Security Solutions
     • Firewalls, End-Point Solutions, Spam Lists and Filters, SIEM
     • Silo point solutions for each new type of attack
     • Reactive solutions to Data Breaches
     • Threat data overload – Copious amount of false positives
     • No real time solution – human factor
  4. Innovative Security Approach
     • Proactive approach to identifying both known and unknown threats
     • Comprehensive visibility into all kinds of traffic
     • Intelligence and data science driven protection
     • Holistic solution to protect the enterprise’s entire ecosystem
     • Automated remediation
  5. Role of Machine Learning and AI in Cyber Security
     Michael E. Crean, CEO, Solutions Granted
     Webinar, 16th Nov, 2017
  6. Why Artificial Intelligence and Machine Learning?
     • What is wrong? But knowing just that is not enough.
     • Why is it wrong?
     • How to fix it?
     • Anomalous behavior differs from industry to industry requiring use of unsupervised algorithms
     • Context matters – Correlation to all factual data is important to reduce false positives
  7. Producing Actionable Intelligence
     • Accuracy and confidence of threat detection
     • Specificity and correlation of threat vectors with factual data
     • Ability to work with variety of data sources – network traffic, host and application logs, DNS logs, DHCP logs, Identity management (AD) logs etc.
     • Ability to integrate with and push policies to all types of network devices to stop the threat
  8. Cyber Security – Case for Automation for MSSPs
     Grigoriy Mills, CTO, RFA
     Webinar, 16th Nov, 2017
  9. Challenges: Operational Cost of Investigations
     Consider an example where a device is infected with a Malware

     | Flows/Logs Troubleshooting Activity | Type | Flow/Log Instances | Comments |
     |---|---|---|---|
     | NG FW generates events/logs around an instance of an infected device attempting to connect to a bad web site. | North-South Activity | 444 | NG FW is resetting connections from the device over time and is not correlating these "non critical flagged" instances |
     | Device is also performing IP Sweeps | East-West Activity | 135 | Few separate instances across the internal network |
     | Device is also performing IP Port scans | East-West Activity | 92 | Few separate instances across the internal network |
     | Device needs to be identified | Internal Activity | 1 | What device is it? who or what group it belongs to? |
     | | Total Activity | 672 | Total instances to investigate |

  10. Challenges: Operational Cost of Investigations

     | Jr. SOC Analyst | Sr. SOC Analyst | Costs |
     |---|---|---|
     | $75,000 | $250,000.00 | SOC Analyst Burdened rate per year |
     | $1,442.31 | $4,807.69 | cost per week |
     | $36.06 | $120.19 | cost/hour |
     | $0.60 | $2.00 | cost/minute |

     | Item | Value |
     |---|---|
     | Minutes per instance investigation | 1.5 |
     | Total minutes of effort per incident | 1006.5 |
     | $ cost/minute | $0.60 |
     | Total Cost to correlate one incident | $603.90 |
     | Typical Incidents per business day investigated at a Mid Sized F5000 (As per Ponemon/Verizon Reports) | 3 |
     | Total Cost per business day | $1,811.70 |
     | Total Cost per year | $452,925.00 |

     Automation can completely eliminate this total cost
  11. Challenges: Cost of MTTI and MTTC
     MTTI – Mean Time To Identify
     MTTC – Mean Time To Contain
     [Charts: costs in US $M. Source: Ponemon 2016 Cost of Data Breach Study Report]
  12. Cyber Security – Case for Automation
     • Timely response to every attack is necessary to stave off bigger cost of data breach – Automated real-time detection and response
     • Reduce the operational cost – SOC team designing and operationalizing security practice rather than investigating every false positive
     • Affordable for any size organization – SMBs are as prone to attack as large enterprises and your cyber hygiene affects everyone you are dealing with
  13. Seceon Open Threat Management Solution
     Ron Culler, CTO, Secure Design Inc.
     Webinar, 16th Nov, 2017
  14. Seceon’s Disruptive Approach!
     • Focus: Providing a solution effective at detecting and stopping the most dangerous and costly Cyber threats as soon as they happen, while dramatically lowering IT costs
     [Diagram: See Everything + Detect Threats That Matter + Stop the Threat (Seceon OTM)]
     Seceon, Inc. Confidential – NDA Required
  15. Seceon Open Threat Management (OTM)
     • CCE – Control and Collection Engine
       - Collects inputs from variety of sources
       - Extracts key meta data and sends refined input to APE
     • APE – Analytics and Policy Engine
       - Threat Models based on User Behavioral Analytics and Machine Learning
       - Fast Big Data Engine
     • Seceon OTM GUI
       - User Friendly and Intuitive
       - Adaptive Visualization of assets & threats
       - Executive Dashboard & detailed reports
     [Diagram labels: APE (Dynamic Threat Models, Fast Big Data Engine, ML - User Behavioral Analytics, AI with Recommended Remediation); CCE – 1 through CCE – n (Feature Extraction, Down Sampling)]
     Seceon OTM uses Micro-Services Architecture and can be deployed in Cloud, VM and Customer Owned or Seceon Supplied Appliances
  16. Seceon OTM Platform Overview
     Adaptive Visualization
     • Comprehensive view of all assets and threats
     • Fully automated solution that is easiest to deploy
     • Allows drill down of threats with all details
     Detect Threats that Matter
     • Detects known as well as unknown threats
     • Provides comprehensive information of the threats
     • Indicates all compromised assets and potential targets
     Contain Threats in Real Time
     • Immediate corrective action in real time
     • Automatic notification through email/text if required
     • Provides actionable analytics
  17. Seceon’s Scalable – Fast Analytics Processing Platform
     [Diagram labels: Distributed Data Ingest (CCE); Fast Parallel Processing Architecture (APE); Closed Loop Threat Containment; Universal Collection Bus; Structured Data; Unstructured Data; Parse; Dynamic Reduction; Behavior Analysis; Threat Correlation; Threat Intelligence; Built-in Security Threat Modeling; Unstructured Data Store; Storage Engine; Search; Rapid Search Agent; Analytics; Analytics Engine; Big Data Store & Search; Real-time Threat Detection; Real-time Analytics; Predictive Modeling; Outputs; Built-in Advanced Correlation; Built-in ML Engine; Built-in Data Model Engine; Platform Security Engine; Threat Containment]
     Input to output transit - measured in seconds
  18. Compliance and Risk management using Seceon OTM Solution
     Sunil K. Kotagiri, Co-Founder, Seceon
     Webinar, 16th Nov, 2017
  19. OTM covers NIST Framework
     • Identity
       - Network, Host & User inventory and access monitoring & reports
     • Protection
       - Threat detection & Containment
     • Detection
       - 30 different threat models
     • Respond
       - Automatic remediation
     • Recover
       - Quarantine users & hosts
  20. OTM covers GDPR Framework
     • Detect & contain unauthorized access (Real-time)
       - Whitelists (Users & Hosts)
       - File copy and transfer
     • Reports
       - Daily & Weekly reports
     • Forensics
       - Store & Analyze data for years
     [Diagram labels: Data Privacy, Accountability, Responsibility, Evidence, Ownership]
  21. OTM covers HIPAA Framework
     • Tracks User account mgmt
       - Windows AD & Reports
     • Data access rules
       - Whitelists & Policy violations
     • Integrity Monitoring
       - Policy violations, permission changes
     • Audit Trail
       - Reports – DMCA, asset groups, whitelists
     [Diagram labels: HIPAA: Access Control, Account Mgmt, Credential Mgmt, Priv. Users Mgmt, Integrity Monitoring, Config Mgmt, Data Governance, Audit Trail]
  22. Q & A
