How to Simplify Audit Compliance with Unified Security Management

Maintaining, verifying, and demonstrating compliance with regulatory requirements, whether PCI DSS, HIPAA, GLBA or others, is far from a trivial exercise. Proving compliance with these requirements often translates into a lot of manual and labor-intensive tasks – chasing down discrepancies in asset inventory spreadsheets, remediating critical vulnerabilities, and weeding through log data trying to make sense of it all. In fact, you may need to consult at least a dozen different tools to assemble the security controls and reports you need. Compliance doesn't have to be so hard.

Review this presentation to learn:
- Common audit compliance failures
- A pre-audit checklist to help you plan and prepare
- Core security capabilities needed to demonstrate compliance
- How to simplify compliance with a unified approach to security

Published in: Technology
Notes

- Provides real-time, actionable information that is open to anyone who chooses to participate. This allows IT practitioners to achieve preventative response by learning how others are targeted and employing the right defenses to avoid becoming a target themselves.

  How do we ensure that the related information is not only getting pushed to the right place, but automatically pushed down the line, so that not just the first organization but every other organization benefits from that response as well? We have the framework built out – limited information, IP information.
Transcript

1. WWW.ALIENVAULT.COM – How to Simplify Audit & Compliance with Unified Security Management. Patrick Bedwell, VP, Product Marketing

2. Agenda
- Common Audit Failures
- Pre-Audit Checklist
- Core Security Capabilities
- How To Simplify Compliance With a Unified Approach
- Q & A

3. Setting The Stage… Common Challenges & Pre-Audit Checklist

4. The Era of Big Data Breaches

5. The Era of Targeted Attacks
- 74% of attacks on retail, accommodation, and food services companies target payment card information.
- Data from Verizon Data Breach Investigations Reports (DBIRs), 2011, 2012 and 2013

6. The Era of… Uh-oh
- > 1.9 million Point-of-Sale (POS) machines run Windows XP
- ~95% of ATMs in the US still run Windows XP

7. Poor Compliance When Breached
- PCI Regulation #10: Track & monitor all access to network resources & cardholder data
- Source: Verizon 2014 PCI Compliance Report

8. SANS Top 20 Critical Security Controls (http://www.sans.org/critical-security-controls)
1. Inventory of Authorized and Unauthorized Devices
2. Inventory of Authorized and Unauthorized Software
3. Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers
4. Continuous Vulnerability Assessment and Remediation
5. Malware Defenses
6. Application Software Security
7. Wireless Access Control
8. Data Recovery Capability
9. Security Skills Assessment and Appropriate Training to Fill Gaps
10. Secure Configurations for Network Devices such as Firewalls, Routers, and Switches
11. Limitation and Control of Network Ports, Protocols, and Services
12. Controlled Use of Administrative Privileges
13. Boundary Defense
14. Maintenance, Monitoring, and Analysis of Audit Logs
15. Controlled Access Based on the Need to Know
16. Account Monitoring and Control
17. Data Protection
18. Incident Response and Management
19. Secure Network Engineering
20. Penetration Tests and Red Team Exercises

9. Detailed Information for Both the IT Practitioner & Auditor (per control)
- Why Is This Control Critical
- How to Implement This Control
- Procedures and Tools
- Effectiveness Metrics
- Automation Metrics
- Effectiveness Test
- System Entity Relations

10. What Do I Need To Simplify Compliance?

11. AlienVault Vision
- To simplify how organizations detect and mitigate threats
- Benefit from the power of crowd-sourced threat intelligence & unified security

12. The AlienVault Approach

13–17. The AlienVault Approach (built up one capability area per slide)
- Asset Discovery: Active Network Scanning; Passive Network Scanning; Host-based Software Inventory
- Vulnerability Assessment: Network Vulnerability Testing; Remediation Verification
- Threat Detection: Network IDS; Host IDS; Wireless IDS; File Integrity Monitoring
- Behavioral Monitoring: Log Collection; Netflow Analysis; Service Availability Monitoring
- Security Intelligence: SIEM Event Correlation; Incident Response

18–19. Three Components, Three Form Factors
- AlienVault Server to aggregate data and manage the deployment
- AlienVault Sensor to collect data from the infrastructure
- AlienVault Logger for long-term storage and reporting
- AlienVault All-in-One to collect, aggregate, and store data as well as manage
- Form factors: Physical Appliance; Virtual Appliance; AMI

20. Integrated Threat Intelligence
- OSSIM
- Free Tools
- USM

21–25. Traditional Response (built up across five slides)
- Example organizations: First Street Credit Union; Zeta Insurance Group; John Smith Auto Nation; Regional Pacific Telecom; Marginal Food Products
- Sequence at each organization: Attack → Detect → Respond

26. OTX Enables Preventative Response
- Through an automated, real-time, threat exchange framework

27–28. A Real-Time Threat Exchange Framework
- Same example organizations as above; on Attack, Open Threat Exchange puts preventative response measures in place through shared experience
- On Detect, Open Threat Exchange protects others in the network with the preventative response measures

29. Benefits of Open Threat Exchange
- Shifts the advantage from the attacker to the defender
- Open and free to everyone
- Each member benefits from the incidents of all other members
- Automated sharing of threat data

30. The Need to Adapt
- Threats change. Your event correlation rules, IP reputation data, etc. should change too.
- It's impossible to predict all bad things. You need a solution that evolves with you.
- What's not in the fine print but should be: dynamic threat intelligence updates; flexible use case support

31. Free Tools
- Reputation Monitor: external view of IPs – Targeted?
- ThreatFinder: internal view of IPs – Compromised?
- OSSIM: world's most widely used open source SIEM product

32. AlienVault Labs Threat Intelligence
- Coordinated analysis, actionable guidance
- Weekly updates to coordinated rule sets: Network IDS; Host IDS; Asset discovery / inventory database; Vulnerability database; Event correlation; Report modules and templates; Incident response templates / "how to" guidance for each alarm; Plug-ins to accommodate new data sources

33. Unified Security Management in Action

34. Now for Some Q&A…
- Test Drive AlienVault USM: Download a Free 30-Day Trial – www.alienvault.com/free-trial
- Try our Interactive Demo Site – www.alienvault.com/live-demo-site
- Free Tools – www.alienvault.com/open-threat-exchange
- Thank You! Patrick Bedwell, pbedwell@alienvault.com
